Ditch self-signed certs, switch to LetsEncrypt
I’ve said this many times before in 1–1 conversations earlier. In most cases, there is really no reason for you to be using self-signed certificates with ZoneMinder. Let’sEncrypt is free and you don’t need a static IP to use Let’s Encrypt.
In-fact, I’ve been running Let’sEncrypt for years now with a free DNS name from DuckDNS. The logic is pretty simple — I sign up for a free domain name, and use one of the bazillion options presented here to keep my domain name mapped to my latest IP address, if and when it changes. That’s all really. And then once I have a DNS name, I use it to generate my LetsEncrypt certs using its automated bots. Instructions are on their website.
The reason I say this is for a long time, browsers have been discouraging self-signed certificates and with every new version, they add more constraints. IOS 13 and Catalina, for example, tightened up their TLS certificates requirements as documented here.
So upgrade, if you can! Thanks!
Oh an iOS users, with 1.4.009 of zmNinja, if you can’t see monitor feeds and you are using self-signed certs, I’ve pushed 1.4.010 that will fix this.
