Using AXIS cert store for ACAP applications

[acschristoph]

I am sure I'm not the first person who needs key pairs for an ACAP. Since AXIS already provides a certificate store with secure storage and a web UI for certificate management, it seemed logical to reuse these resources. However, it appears this might not be possible. Could you please correct me if I'm mistaken or explain how you handle this situation?

• Through VAPIX, you can retrieve certificates (the public part in PEM format) but not private keys or keys in general.

• Some firmware versions include a properties file containing stored information about the certificate and key, but I don't see this in firmware version 12.x.

• Do I need to manage this myself? Does every firmware version include the OpenSSL binary? According to the documentation, "The OpenSSL API was introduced in Native SDK 1.14."

I would like users to be able to select an existing certificate (key pair), which I can then retrieve in my ACAP application using the certificate's name or serial number.

thx

[github-actions[bot]]

This automatically generated reply acts as a friendly reminder.

Answers to your questions will most often come from the community, from developers like yourself. You will, from time to time, find that Axis employees answers some of the questions, but this is not a guarantee. Think of the discussion forum as a complement to other support channels, not a replacement to any of them.

If your question remains unanswered for a period of time, please revisit it to see whether it can be improved by following the guidelines listed in Axis support guidelines.

[vivekatoffice]

Hi @acschristoph,

From what I understand, the ACAP SDK does not support using the existing certificates on an Axis device. For instance, as highlighted in The Docker ACAP application: Using TLS to secure the application, new certificates must be uploaded.

I 100% agree with you if it is a suggestion for improvement.

For more details, see this reference: Discussion #744.

Regarding OpenSSL:
Tested with AXIS Q1715 Block Camera (AXIS OS version 12.0.91) you do have the updated binary of OpenSSL:

[Cacsjep]

Hi @vivekatoffice

thank you for clarify, upload, import etc... no problem but thx for the discussion Reference.
Regarding to openssl, does all Firmware Version have it?

BR

[vivekatoffice]

Hi @Cacsjep ,
This article confirms that OpenSSL is available in all LTS and Active track of Axis OS: Open source library support

[Cacsjep]

Thx @vivekatoffice