By default, Softron applications that support remote control via the REST API use HTTP for communication.
However, in situations where your computer is accessible over a public network—such as when it has a public IP address—you should secure the connection using HTTPS. This requires setting up a valid TLS/SSL certificate.
Important: Once HTTPS is enabled in a Softron application, HTTP is disabled. You must choose either HTTP or HTTPS, not both.
Creating a TLS/SSL Certificate
To enable HTTPS, you need a valid certificate in .p12 format (also known as PKCS#12). You may want to consult an IT professional, but here are some key guidelines:
If the application is on a private/internal network
- You can use a self-signed certificate.
- Ensure it’s exported as a .p12 file.
If the application is accessible from the internet (public IP address)
- You should obtain a certificate from a trusted Certificate Authority (CA) (e.g., Let’s Encrypt, DigiCert).
- Export the certificate (and its private key) as a .p12 file.
- The hostname (DNS name) of the computer running the Softron application must match the certificate’s Common Name (CN) or Subject Alternative Name (SAN).
Password protection
A .p12 certificate usually requires a password. Make sure you remember it, as it will be needed during setup.
Where to Place the .p12 Certificate File?
For applications without a “Select” button (e.g., OnTheAir Video)
You must place the .p12 file in a specific folder, using a specific name, for example with OnTheAir Video:
/Library/Application Support/Softron/OnTheAir Video/OnTheAir Video/Certificates/tls_certificate.p12
Note that the folder is not created by default, so you will need to create it manually.
For OnTheAir Video multi-instance versions (e.g., OnTheAir Video 2), adjust the path accordingly:
/Library/Application Support/Softron/OnTheAir Video/OnTheAir Video 2/Certificates/tls_certificate.p12
Restart required: Quit and relaunch the application after placing the certificate so it can be loaded.
For applications with a “Select” button (e.g., OnTheAir MOS Gateway)
You can store the certificate anywhere on your system, with any filename. In the app’s settings, click “Select” and choose your .p12 file manually.
Configuring HTTPS in Your Application
Open your Softron application and go to the HTTP server settings. For example, in OnTheAir Video, check in:
Settings > General > HTTP Server
Common Errors and Troubleshooting
“Certificate Missing” error:
- Check that the .p12 file is in the correct folder and named correctly (for apps without a “Select” button).
- For apps with a “Select” button, make sure the file hasn’t been moved or deleted.
“Certificate Invalid” error:
- The certificate may be expired, malformed, or not trusted.
- You may have entered an incorrect password.
Successful Setup
Once a valid certificate is loaded and the correct password is entered, the application will show that HTTPS is enabled.
You can now securely control the Softron application using the REST API over HTTPS.
Additional Tips
- Certificate validity: Always check the expiration date of your certificate and set reminders to renew it in time.
- Backup your .p12 file and store it securely along with the password.
- If using Let’s Encrypt, automate renewal with scripts and convert .pem files to .p12 format using openssl.
Comments
0 comments
Please sign in to leave a comment.