Verify digital signatures
If you are reviewing video evidence in Smart Client – Player, and the exported material has digital signatures, you can verify that the recording has not been tampered with since it was recorded, or since the export was made, or both.
Important: Digital signing does not work for XProtect Smart Client 2017 R1 or earlier versions that logs into a 2017 R2 or newer system and the export will not succeed.
Requirements:
- In Management Client, signing has been turned on for the recording server.
- In XProtect Smart Client, during the export process, the XProtect format and Include digital signature check boxes were selected.
Steps:
- On the toolbar, click the Verify Signatures button. The Manual verification window appears. Here you can see the devices selected for the export.
- Click Verify to start the verification process. The system checks the authenticity of the recording signature and the export signature.
- To verify that you can rely on the verification of the recording signature:
- In the Recording signatures column, click the Verified link. The Certificates dialog appears.
- Compare the value of the public_key and signature with the corresponding values in the PublicKey.xml file (C:\Program Files\Milestone\Management Server\Tools\CertificateIssuer). If the values differ, the recording has been modified.
- To verify that you can rely on the verification of the export signature:
- In the Export signatures column, click the Verified link. The Certificates dialog appears.
- Compare the value of the public_key and signature with the corresponding values in the Public Key Certificate.xml file (<export destination folder>\<export name>\Client Files\Data\Mediadata\<camera name>\<camera name>\Export signatures). If the values differ, the export material has been modified.
A database can be verified, partially verified (if some of the files have not had signatures attached), or not signed.
© 2018 Milestone Systems A/S