-
Notifications
You must be signed in to change notification settings - Fork 4
Plugin SDK Certificates
All plugin roles require an SDK certificate to connect to Security Center. The Plugin SDK automatically locates and validates the certificate using a specific file naming convention and folder structure.
Unlike Platform SDK applications where you can set the ApplicationId programmatically, plugins rely on file-based certificate discovery.
The certificate file must be named after the fully qualified class name of the plugin, followed by .cert:
{Namespace}.{ClassName}.cert
Given the plugin class:
namespace Genetec.Dap.CodeSamples
{
[PluginProperty(typeof(MyPluginDescriptor))]
public class MyPlugin : Plugin
{
// Plugin implementation
}
}The certificate file must be named:
Genetec.Dap.CodeSamples.MyPlugin.cert
The certificate file must be placed in a Certificates folder located in the same directory as the plugin DLL:
YourPlugin.dll
└── Certificates/
└── Genetec.Dap.CodeSamples.MyPlugin.cert
When a plugin role initializes, the Plugin SDK:
- Determines the plugin's fully qualified type name (
Namespace.ClassName) - Looks for a file named
{Namespace}.{ClassName}.cert - Searches in the
Certificatessubfolder relative to the plugin DLL location - Loads and validates the certificate
- Uses the certificate to authenticate with Security Center
The certificate file is an XML document containing:
<ClientCertificate>
<CompanyName>your-company-name</CompanyName>
<ApplicationName>your-application-name</ApplicationName>
<ApplicationId>your-application-id</ApplicationId>
</ClientCertificate>This file is provided by Genetec as part of the Development Acceleration Program (DAP).
Each active plugin role instance consumes one connection from the Security Center license:
- Plugin roles are not listed under System Status > Applications in Config Tool
- Instead, view plugin roles under System Status > Roles
- Each online and initialized plugin role represents an active SDK certificate connection
- Even if multiple plugin roles use the same
ApplicationId, each role instance counts as one connection
A plugin role connection is counted when:
- The plugin role is loaded and initialized by the Directory
- The plugin successfully authenticates using its certificate
The connection is released when:
- The plugin role is deactivated or unloaded
- The role goes offline
If you have multiple plugin roles that share the same base plugin class, each instance requires:
-
Same certificate content (can copy the
.certfile) - Same certificate filename (based on the class name)
- Separate connections to the license pool
For example, if you create two instances of MyPlugin role:
- Both use
Genetec.Dap.CodeSamples.MyPlugin.cert - Each instance consumes one separate connection
In addition to the certificate file, you can specify allowed ApplicationIds directly in your PluginDescriptor class using the ApplicationId property:
public class MyPluginDescriptor : PluginDescriptor
{
public override Guid PluginGuid => new Guid("{12345678-1234-1234-1234-123456789012}");
public override string Name => "My Plugin";
public override string Description => "My plugin description";
public override string SpecificDefaultConfig => null;
public override List<string> ApplicationId => new List<string>
{
"KxsD11z743Hf5Gq9mv3+5ekxzemlCiUXkTFY5ba1NOGcLCmGstt2n0zYE9NsNimv", // Development environment
"your-production-application-id" // Production certificate
};
}The ApplicationId property allows you to:
- Specify multiple ApplicationIds that are authorized to run your plugin
- Support both development and production certificates simultaneously
- Allow plugins to run on development systems during development
The ApplicationId KxsD11z743Hf5Gq9mv3+5ekxzemlCiUXkTFY5ba1NOGcLCmGstt2n0zYE9NsNimv is a special value that allows plugins to run on development Security Center systems without a production certificate.
When the plugin initializes, Security Center validates that the certificate's ApplicationId matches one of the values in:
- The
ApplicationIdproperty returned by yourPluginDescriptor - The certificate file content
If the ApplicationId list is empty (the default), only the certificate file is used for validation.
The Plugin base class provides a protected property to access the certificate's ApplicationId:
protected override void OnPluginLoaded()
{
// Get the ApplicationId from the certificate file
string applicationId = SdkClientCertificate;
Logger.TraceInformation($"Running with ApplicationId: {applicationId}");
}Yes. You can use the same ApplicationId in multiple certificate files. However:
- Each certificate file must still be named after its respective plugin class
- Each active plugin role still counts as a separate connection
No. Each plugin class requires its own certificate file with the correct naming:
-
Genetec.Dap.CodeSamples.PluginA.certforPluginA -
Genetec.Dap.CodeSamples.PluginB.certforPluginB
You can copy the certificate content between files, but each class needs its own named file.
To obtain an SDK certificate for your plugin:
- Enroll in the Genetec Development Acceleration Program (DAP)
- Provide your company and integration details
- Specify your plugin's intended functionality
- Genetec will issue a
.certfile and indicate the required Security Center license part number
- Plugin SDK: Overview - Plugin architecture and lifecycle
- Deploying Plugins and Workspace Modules in Security Center - Deployment procedures
- SDK Certificates for Security Center Integrations - Platform SDK certificate usage
-
Security Center SDK Developer Guide Overview of the SDK framework and how to build integrations with Security Center.
-
Platform SDK
- Platform SDK Overview Introduction to the Platform SDK and core concepts.
- SDK Certificates Details certificates, licensing, and connection validation.
- Entity Guide Explains the core entity model, inheritance, and how to work with entities.
- Entity Cache Guide Describes the engine's local entity cache and synchronization.
- SDK Transactions Covers batching operations for performance and consistency.
- ReportManager Querying entities and activity data from Security Center.
- Events and Actions Subscribing to events and handling actions.
- Logging with the Genetec SDK How to configure logging, diagnostics, and debug methods.
- Referencing SDK Assemblies Best practices for referencing assemblies and resolving them at runtime.
- SDK Compatibility Guide Understanding backward compatibility and versioning in the SDK.
-
Plugin SDK
- Plugin SDK Overview Introduction to plugin architecture and capabilities.
- Plugin SDK Certificates SDK certificate requirements for plugin roles.
- Plugin SDK Lifecycle Initialization and disposal patterns.
- Plugin SDK Threading Threading model, QueueUpdate, and async patterns.
- Plugin SDK Configuration Configuration storage and monitoring.
- Plugin SDK Restricted Configuration Secure credential storage and admin-only configuration.
- Plugin SDK Database Database integration and schema management.
- Plugin SDK Events Event subscription and handling.
- Plugin SDK Queries Query processing and response handling.
- Plugin SDK Request Manager Request/response communication with clients.
- Plugin SDK Entity Ownership Understanding plugin-owned entities, running state management, and ownership release.
- Plugin SDK Entity Mappings Using EntityMappings for plugin-specific configuration and external system integration.
- Plugin SDK State Management Reporting plugin health and diagnostics.
- Plugin SDK Server Management High availability and server failover.
- Custom Privileges Defining and enforcing custom privileges.
- Resolving Non-SDK Assemblies Handling third-party dependencies in plugins and workspace modules.
- Deploying Plugins Registering and deploying plugins and workspace modules.
-
- Macro SDK Developer Guide Complete guide to creating server-side automation scripts in Security Center using C#.
- Getting Started Setup, authentication, and basic configuration for the Web SDK.
- Referencing Entities Entity discovery, search capabilities, and parameter formats.
- Entity Operations CRUD operations, multi-value fields, and method execution.
- Partitions Managing partitions, entity membership, and user access control.
- Custom Fields Creating, reading, writing, and filtering custom entity fields.
- Custom Card Formats Managing custom credential card format definitions.
- Actions Control operations for doors, cameras, macros, and notifications.
- Events and Alarms Real-time event monitoring, alarm monitoring, and custom events.
- Incidents Incident management, creation, and attachment handling.
- Reports Activity reports, entity queries, and historical data retrieval.
- Performance Guide Optimization tips and best practices for efficient API usage.
- Reference Entity GUIDs, EntityType enumeration, and EventType enumeration.
- Under the Hood Technical architecture, query reflection, and SDK internals.
- Troubleshooting Common error resolution and debugging techniques.
- Media Gateway Guide Setup and configuration of the Media Gateway role for video streaming.
- Web Player Guide Complete guide to integrating GWP for live and playback video streaming.
- Web Player API Reference Full API documentation with interfaces, methods, properties, and events.
- Web Player Sample Application Comprehensive demo showcasing all GWP features with timeline and PTZ controls.
- Genetec Web Player Multiplexing Sample Multi-camera grid demo using a shared WebSocket connection.