Apply SSL certificate to CAMServer


About SSL Certificates

By applying an SSL certificate to CAMServer, the warning when accessing with a standard browser can be removed.
There are two ways to obtain an SSL certificate, and we will explain each of them below.

  1. Apply Let's Encrypt's free SSL
  2. Purchase and apply Intranet SSL
If you do not apply a legitimate SSL certificate on-premise, you must use a web app or bypass the warning to access the site. For more information. Log in to CAMServer for more information.

Apply Let's Encrypt's free SSL

Let's Encrypt can issue certificates for free, but requires domain authentication through the HTTP-01 or DNS-01 challenge. Since CAMServer is not normally exposed to the outside world, we recommend using the DNS-01 Challenge.

DNS-01 Challenge

In the DNS-01 Challenge, ownership is verified by registering the token obtained from the Let's Encrypt server with the DNS server of the target domain name. For example, to issue a certificate for "camserver.xx", the DNS name _acme-challenge.camserver.xx.Set the TXT type to a record named "Obtained Token".

HTTP-01 Challenge

The HTTP-01 challenge obtains a token from the Let's Encrypt server and places a file containing this token in a designated directory on the CAMServer to confirm ownership of the domain name.

For example, to issue a certificate for "camserver.xx", place the token file obtained below,


It must be published externally at the following URL

Once Let's Encrypt certificate creation is complete

Place the pem file according to the following procedure.

  1. CAMServer stop
  2. privkey.pem / cert.pem / chain.pem files. CAMServer/config/ssl/ copy to
  3. CAMServer startup

Purchase and apply Intranet SSL

To apply an SSL certificate to a CAMServer that is completely inaccessible from the outside, an Intranet SSL certificate must be purchased.

Once you have purchased Intranet SSL and obtained the keystore file, follow the steps below to apply it.

  1. CAMServer stop
  2. keystore file. CAMServer/config/ssl/tomcat.keystore overwriting (e.g. data, file)
  3. CAMServer/cam.ini Add the following section to the file
    • camserver.keyAlias=keyAlias at certificate creation
    • camserver.keystorePass=keystorePass at time of certificate creation
  4. CAMServer startup
  • CAMServer uses Tomcat as its HTTP server, and in most cases, the instructions for obtaining and creating a keystore file for Tomcat are available at the place of purchase.
  • For Intranet SSL, if the root certificate is not registered in the browser of each terminal, the root and intermediate certificates must be downloaded from the place of purchase and applied separately to each terminal's browser.