I have problem with SSL Certificate installed in mikrotik, currently certificate SSL still not secure, Please Anyone who already implement installing SSL Certificate to Accessing DVR CCTV using HTTPS behind NAT. and Subdomain is Address Record A in Zone Editor. so the Topology to be like this
Domain hosted in hosting.
Internet ——– Mikrotik —— DVR (port 80,443,554,8000)
so when has https incoming traffic will read SSL certificate which installed in Mikrotik. May I know how to configure SSL certificate to handling this request port 443 from eksternal. Please help.
I don't know what you think about security,
but exposing a DVR's port 80/443/554/8000 to the internet is like having your home spied on after a while.
The HTTPS protocol is secure in preventing data in transit from being seen,
but it doesn't prevent access to the device, especially if the DVR software is buggy...
How do you access DVR? With https WWW? If yes then just redirect other port at WAN interface, let it be 12345, to 443 of DVR and connect to DVR with https://dvr.public.address.domain.my:12345/ and you would talk directly with DVR using it's certificate.
It's not entirely clear what exactly is Mikrotik router's function here:
But if it's port forwarding (DST-NAT), then Mikrotik doesn't process traffic, it only forwards it. And hence certificates installed on Miktotik don't have anything to do with access to DVR. You'd have to install certifficate on DVR itself. And use Mikrotik to limit access to a few alliwed remote IP addresses (white-list those).