# HTTPS By self-created certificate or uploading a signed certificate, it's able to access the encoder via HTTPS, ensuring the security of communication data, and providing protection for user information and device security with reliable and stable technical means. ## 1. Install Self-Created Certificate 1.1 Go to Setting->Network->HTTPS->Check the checkbox of Enable\\

1.2 Click "Create Certificate" and enter below information:

| Items | Remark | | ----------------------------------- | -------------------------------------------- | | Country | Country code instead of full name of country | | IP/Domain | Same as the IP address of device or domain | | Expiration | Days of validity, ranges from 1 \~ 5000 | | Province/Location/Organization/Unit | None or as you wish | | Email | Valid email address | 1.3 Click "Confirm"->"Install Certificate" and then it'll show as below:

1.4 Click "Download Certificate"->Save Root Certificate

1.5 Open File or Double Click the downloaded file "ca.crt"

1.6 Click the above "OK"->Click "Install Certificate"->Follow the installation guide->Select "Trusted Root Certification Authorities from the dropdown list"

1.7 Click "Next"->Completing the certificate Import Wizard

1.8 Click "Finish" and it'll pop up the window of Security Warning

1.9 Click "Yes" and it'll pop up the window of The import was successful:

{% hint style="info" %} NOTE: Then the self-created certificate was already installed successfully. {% endhint %} 1.10 Go to test whether the encoder can be accessed via HTTPS:

{% hint style="info" %} NOTE: As the self-created certificate was not verified and trusted by the 3rd parties, that's why it'll prompt you the potential security risk. Just go ahead. For details, please check our video tutorial. {% endhint %} ## 2. Install Signed Certificate 2.1 Double click the signed certificate you obtained from 3rd-parties->Click"Install Certificate" 2.2 Refer to the above step 1.6 \~ 1.9 to complete the installation of certificate in your PC; 2.3 Click "Enable"->Browse Signed Certificate & Keys->Upload Signed Certificate & Keys

2.4 Once completed, just click "Save" to make it valid. 2.5 Then it's necessary to do port mapping and make sure the encoder is linked to the domain bonded with the signed certificate. After that, it should be no problem to access the encoder by **[https://domain:port](https://docs.exvist.com/video-encoder/setting/network/https:/domain:port)** instead of the default static IP address. {% hint style="info" %} **NOTE**: HTTP 80 and RTSP 554 are required to do port mapping {% endhint %} ## Video Tutorial ### 1. Installation of HTTPS Certificate for EXVIST Video Encoder {% embed url="" %} ### 2. HTTPS Streaming Over ID(Internet Explorer) {% embed url="" %}