Setting up a secure connection to a legacy Axis camera

If the camera you are connecting to does not support the latest TLS (Transport Layer Security), you can configure one of four HTTP headers, a Content-Security-Policy header, to provide a secure connection. The Content-Security-Policy HTTP response header reduces XSS (Cross-site scripting) risks on modern browsers by declaring which dynamic resources are allowed to load.

Prerequisites: You are working in Workbench and are connected to the station that supports the camera.

Double–click the station’s WebService (Config > Services > WebService).
The WebService Property Sheet opens.
Expand Http Header Providers > Content-Security-Policy.
The system displays the Content-Security-Policy properties.
Configure at least connect-src and media-src and click Save.
connect-src defines the hostname (IP address) of the camera(s). For example:

'self' workbench ws://%hostname%:%port% wss://%hostname%:%port% ws://172.16.254.1 wss://*training.lan connects to all cameras on the training.lan (a network).
'self' workbench ws://%hostname%:%port% wss://%hostname%:%port% ws://192.168.1.* wss://192.168.1.* includes any camera with an IP address that starts with 192.168.1 and uses either HTTP or HTTPS.

media-src identifies valid sources for loading media. Set this value to ‘self’ blob:.

Setting up a secure connection to a legacy Axis camera

Related Links