The free version of the local LAN server accepts connections over HTTP only. The technology Agent DVR uses will work locally over HTTP but for remote connections it needs SSL. If you want secured remote access to Agent DVR you will need to use the remote web portal which has an end-to-end secured connection to Agent DVR.
Tip: Once your SSL and DNS is configured you can browse to it on your mobile device and use the tool menu in the browser to install it as an application.
SSL install on Windows
Follow the letsencrypt instructions to install a certificate on your computer.
When you have a certificate generated (a .pem file) you can use openssl.exe to convert it to a .pfx file:
openssl.exe pkcs12 -export -out C:\Certbot\live\youragentserver.ddns.net\certificate.pfx -inkey C:\Certbot\live\youragentserver.ddns.net\privkey.pem -in C:\Certbot\live\youragentserver.ddns.net\fullchain.pem
Right click the generated .pfx file and click Install. Install it to your local machine.
Bind the certificate to the IP address:port and application:
netsh http add sslcert ipport=0.0.0.0:443 certhash=YOUR_CERT_HASH appid={642c92c9-a595-4315-b9cb-3cfdc902805b}
Where YOUR_CERT_HASH is the thumbprint from your SSL certificate which you can find using "certmgr" from the start menu. Open CertMgr, expand Personal - Certificates and double click your certificate. The thumbprint is on the Details tab.
When you have generated and installed the certificate, open Agent DVR, click on Server Icon - Settings - Local Server tab and set the SSL Port to 443 and click OK.
At this point you should now be able to load the UI (in this example) under https://your.server.address .
SSL install on Linux and OSX
SSL setup for Agent 4.4.0.0+
Follow the letsencrypt instructions to install a certificate on your computer.
When you have a certificate generated (a .pem file) you can use openssl.exe to convert it to a .pfx file (make sure you are in the same folder your certificate was saved to):
openssl pkcs12 -export -out certificate.pfx -inkey privkey.pem -in fullchain.pem
In Agent's local UI, click on Server Icon, Server Settings, select Local Server tab
Specify the port you want it to run on in SSL Port (default is 443). Provide the path to your certificate file under SSL Certificate. Specify the password you used to create the certificate under SSL Password. Click OK. Note: these fields are only visible on Linux/ OSX platforms.
At this point you should now be able to load the UI (in this example) under https://your.server.address .
SSL for older Agent versions
Setting up SSL on Unix is different to Windows. You will need to use a reverse proxy. See NGINX Reverse Proxy for an example.
Troubleshooting
Use the regular http port (8090) and set the SSL port under Server Settings - Local Server - SSL port to 0 to disable.