summaryrefslogtreecommitdiff
path: root/docs/SSL-Configuration.md
diff options
context:
space:
mode:
Diffstat (limited to 'docs/SSL-Configuration.md')
-rw-r--r--docs/SSL-Configuration.md48
1 files changed, 48 insertions, 0 deletions
diff --git a/docs/SSL-Configuration.md b/docs/SSL-Configuration.md
new file mode 100644
index 00000000..c3c06d8e
--- /dev/null
+++ b/docs/SSL-Configuration.md
@@ -0,0 +1,48 @@
+***SSL Configuration notes
+
+If your Zoneminder instance has SSL configured and you need zmNinja to connect to ZM over SSL you need to:
+
+1) Make sure you generate the certificates correctly
+2) Import the certificate into iOS and Android
+
+****Certificate generation
+
+*****Self-signed certificates
+
+If you are using self signed certificated, you should make sure the "common name" matches the hostname (or public IP)
+of the server you are installing ZM in. If not, zmNinja's SSL handshake will fail.
+
+If you have used 'make-ssl-cert' or a similar tool that automatically generates the cert for you, its very likely
+you have certificate that uses the 'unix hostname' of your server. That will not work.
+
+Assuming you are usin apache and have SSL enabled, here is how to regenerate the certs
+
+This will create a self-signed certificate/key pair and store it in /etc/apache2/ssl (you may have to create that directory, or store it elsewhere)
+
+```
+sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/zoneminder.key -out /etc/apache2/ssl/zoneminder.crt
+```
+
+Next up, edit your apache ssl config (example /etc/apache2/sites-available/default-ssl.conf)
+And add/modify the following lines:
+
+```
+SSLCertificateFile /etc/apache2/ssl/zoneminder.crt
+SSLCertificateKeyFile /etc/apache2/ssl/zoneminder.key
+```
+
+restart apache
+
+```
+sudo service apache2 restart
+```
+
+
+Then, you need to install zoneminder.crt in your mobile devices so that zmNinja does not reject the certificate as it is self signed.
+The easiest way to do that is simply email it to yourself and open your email in the phone and install the attachment. Works for both
+iOS and Android. Make sure you install it and go through the prompts
+
+Once you are done with these steps, zmNinja should be able to connect to ZM via SSL. Make sure you select SSL in the settings
+
+*****CA signed certificates
+If you purchase a signed certificate, or set up your own root CA zmNinja should just work over SSL. I haven't tried it so far.
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-06 08:08:50 +0000