onvif on a05a6e7

[leepan8]

I am trying out onvif that was checked in on Mar 20.
I am using Onvif Device Manager and the credentials used are user:root and password:password and url: http://192.168.xx.xx:8080.

I am getting the following error:
"The data in element 'security' must be understood but cannot be handled"

[jmtatsch]

@Sian-Lee-SA Any ideas?

[leepan8]

using as url: https://192.168.xx.xx:8080 (note https), I get an error about
server certificate.
See attached screen capture.

[Sian-Lee-SA]

I had to turn off ssl via the http config. This would then allow software's that require authentic ssl connections to default to insecured. This can be looked at again down the track. If you happen to use say letsencrypt, then you would need to open a port and point to the secured ssl'd domain name.

I did not bother doing that as I just VPN when on mobile and away while keeping my opened ports to a minimum.

The reason http doesn't work is because the http config auto redirects http to https.

Also, if your client software has an option to ignore insecure ssl connections then you could do that.

[jmtatsch]

I am pretty sure the http to https redirect is only in place for port 80 controlled by lighttpd.
Onvif_srvd must have its own little http server, maybe SSL can be enabled there somehow?

[Sian-Lee-SA]

Just did a quick search to see what was using the http port and its the snapshot uri. I also recall having ssl problems til I stopped the http redirect to https. I will have a look and play around with said client as the url it's trying to grab is arbitrary so I believe the client software should have a setting to default to http or ignore ssl.

[joshuakoh1]

I had to turn off ssl via the http config. This would then allow software's that require authentic ssl connections to default to insecured. This can be looked at again down the track. If you happen to use say letsencrypt, then you would need to open a port and point to the secured ssl'd domain name.

I did not bother doing that as I just VPN when on mobile and away while keeping my opened ports to a minimum.

The reason http doesn't work is because the http config auto redirects http to https.

Also, if your client software has an option to ignore insecure ssl connections then you could do that.

@Sian-Lee-SA Where do you find this ssl setting to turn off? I'm not seeing any option to turn it off in the web gui
Edit: I've commented out the 4 lines and 7 lines block in lighttpd.conf but it's still doing the redirect

[Sian-Lee-SA]

It's been a while since I've played around with my cams and it's firmware. But before I can suggest solutions, the guys who moderate the firmware are still yet to update to the latest ONVIF server in which I fixed the motor controls etc. Not sure why it's not currently updated yet although it's been pulled into their firmware repo

[VolodymyrLykhachov]

Have the same issue with Dafang onvif on the latest mod. Any ideas how to fix?