UI3 on Google Pixel 10 Chrome Browser

Hello bp2008. I finally got started withSSLCertificateMaker.
I downloaded and ran the .exe. I entered some IP addresses and clicked on the Make Certificate button and then used the Convert to create the .cer and .key files.
I didn't go any further because I was not confident I got the IP addresses correct. Here is what I entered:

localhost
mynetname.netgear.com (mynetname is not my actual net name -- didn't want to post that here. I have a DDNS, setup and using NoIP to keep my external IP address updated for this domain)
192.168.1.8:81 (this is actually in the address bar on my cell phone chrome browser when accessing via OpenVPN or when I am on my home WiFi, also this is the same URL I use on the other PC on my home network)
192.168.1.8 (this is the reserved local ip address of the dedicated blue iris server PC, ie same as above without the prefixes and postfixes)
192.168.1.2 (this is the reserved local ip address of the other PC, on my home network, I use to access blue iris.

I did all the above before I got around to looking at the Blue Iris Web Server menu for the first time since I set that up about 5 years ago.
I don't remember if there was an https option back then. I now see why you said to use port 443.
You said to type any and all IP addresses and host names you use to open Blue Iris in a web browser.
I'm not sure how to account for the address of the cell phone coming in via my VPN or will mynetname.netgear.com suffice?
I'm realizing now that 192.168.1.8 is actually the destination IP address (blue iris server) so I probably don't want this in the list, correct?
192.168.1.2 is a source address for my other PC used to access UI3, so I probably do need this in the list, correct?

Thanks again for your help on this. I've been a bit lethargic about getting the https working mainly because it has been so long since I set all of this up, and I had forgotten a lot of the details about my steps to accomplish that back in 2021.
I do believe it is worth getting this working so I can get rid of that blasted address bar on the chrome browser for UI3.
 
bp2008 - Another use case I forgot to mention -- I also sometimes use my cell phone at home on my WiFi to access UI3. I don't have my cell (currently a Pixel 10) using a reserved IP address, but I could do that. Do I need to list that IP address in the host list for SSLCertificateMaker?
 
@bbdude The SSL certificate is to establish a verifiable identity for your server. The only addresses that need to be in there are the ones you'd potentially use to reach your server, and don't include the port number ( :81 ) portion.
 
Techie007L thanks. Yes I had pretty much figured out, after my first run of SSLCertificateMaker, that I should have only included IP addresses for the devices accessing UI3. In order to know the IP address for my cell phone, when on my home WiFi, I can set it to a reserved IP address in my router. Sounds like I will need to do that. When accessing UI3 using my cell phone away from home, hopefully if I enter the domain for my VPN, that will suffice. I'm not certain of that at this point.
 
@bbdude No, you do not enter the addresses for client devices accessing/connecting to UI3, only the addresses that will be used to identify/address/reach your server. The certificate is establishing a verifiable identity for your server, not authenticating clients.
 
  • Like
Reactions: looney2ns
@bp2008 YES !!!!! This worked! Thank you so much for the additional update 2026-04-21 to post #16 of this thread. I followed the steps carefully, created the .cer file and copied to .crt for my Pixel 10 (Android cell phone) and installed that as a CA certificate. Then generated the .pfx for the Blue Iris server and switched over to the https version of the web server. Then went back to my Pixel 10 and browsed with chrome to the https UI3, sent to home screen and was prompted if I wanted to Install as an App, which I certainly did. Now I have no address bar for UI3 on my Pixel 10 cell for that new UI3 App. Works great both from my WiFi and via cell signal/VPN !!!

I also downloaded and ran CertTrustManager on the other PC here in the house where I access UI3. I fed it the .cer file generated above. This also worked, ie certificate is now trusted on that PC. I used the Edge browser on that PC and went to the https: web site for UI3. The https: is accepted.
I do get a "Not secure" warning on the left side of the address bar, which I can click on and get the additional info:
"Your connection to this site isn't secure. This site has a valid certificate, issued by a trusted authority. However, some parts of the site are not secure. This means information (such as passwords or credit cards) might not be securely sent to this site and may be intercepted or seen by others."
This is not a big deal on the PC. It takes-up no additional screen space since it is part of the address bar and I have plenty of screen real estate on that monitor.
 
Last edited:
  • Like
Reactions: Techie007L
Update: This morning, I restarted both the Blue Iris server PC and the other PC here in the house where I access UI3. Now when I use the Edge browser on that PC and access the https: website for UI3, I no longer get the "Not secure" warning mentioned above. Now everything is copasetic, just like any other secure https website. The UI3 PWA App on my Pixel 10 cell is also working great, in fact it seems like the video streaming performance is smoother and more responsive.
 
You must log in or register to reply here.
Top Bottom