plugin sdk certificates

About plugin certificates

All plugin roles require an SDK certificate to connect to Security Center. The Plugin SDK automatically locates and validates the certificate using a specific file naming convention and folder structure.

Unlike Platform SDK applications where you can set the ApplicationId programmatically, plugins rely on file-based certificate discovery.

Certificate File Naming

The certificate file must be named after the fully qualified class name of the plugin, followed by .cert:

{Namespace}.{ClassName}.cert

Example

Given the plugin class:

namespace Genetec.Dap.CodeSamples
{
    [PluginProperty(typeof(MyPluginDescriptor))]
    public class MyPlugin : Plugin
    {
        // Plugin implementation
    }
}

The certificate file must be named:

Genetec.Dap.CodeSamples.MyPlugin.cert

Certificate Location

The certificate file must be placed in a Certificates folder located in the same directory as the plugin DLL:

YourPlugin.dll
└── Certificates/
    └── Genetec.Dap.CodeSamples.MyPlugin.cert

How the Plugin SDK Locates Certificates

When a plugin role initializes, the Plugin SDK:

Determines the plugin's fully qualified type name (Namespace.ClassName)
Looks for a file named {Namespace}.{ClassName}.cert
Searches in the Certificates subfolder relative to the plugin DLL location
Loads and validates the certificate
Uses the certificate to authenticate with Security Center

License Consumption

Each active plugin role instance consumes one connection from the Security Center license:

Plugin roles are not listed under System Status > Applications in Config Tool
Instead, view plugin roles under System Status > Roles
Each online and initialized plugin role represents an active SDK certificate connection
Even if multiple plugin roles use the same ApplicationId, each role instance counts as one connection

License Activation

A plugin role connection is counted when:

The plugin role is activated and online

The connection is released when:

The plugin role is deactivated or offline

Multiple Plugin Instances

If you have multiple plugin roles that share the same base plugin class, each instance requires:

Same certificate content (can copy the .cert file)
Same certificate filename (based on the class name)
Separate connections to the license pool

For example, if you create two instances of MyPlugin role:

Both use Genetec.Dap.CodeSamples.MyPlugin.cert
Each instance consumes one separate connection

ApplicationId Property in PluginDescriptor

In addition to the certificate file, you can specify allowed ApplicationIds directly in your PluginDescriptor class using the ApplicationId property:

public class MyPluginDescriptor : PluginDescriptor
{
    public override Guid PluginGuid => new Guid("{12345678-1234-1234-1234-123456789012}");
    public override string Name => "My Plugin";
    public override string Description => "My plugin description";
    public override string SpecificDefaultConfig => null;

    public override List<string> ApplicationId => new List<string>
    {
        "KxsD11z743Hf5Gq9mv3+5ekxzemlCiUXkTFY5ba1NOGcLCmGstt2n0zYE9NsNimv"
    };
}

How it works

When the plugin initializes, Security Center extracts the ApplicationId from the .cert file and compares it against the entries in this list. If no match is found, the plugin fails with IllegitimateCertificate error.

If the ApplicationId list is empty (the default), this check is skipped for backward compatibility.

Note

For information about the development certificate ApplicationId, see Development vs Production Certificates.

Accessing the ApplicationId at Runtime

The Plugin base class provides a protected property to access the certificate's ApplicationId:

protected override void OnPluginLoaded()
{
    // Get the ApplicationId from the certificate file
    string applicationId = SdkClientCertificate;
    Logger.TraceInformation($"Running with ApplicationId: {applicationId}");
}

Security Center SDK

Security Center SDK Developer Guide Overview of the SDK framework and how to build integrations with Security Center.
- Platform SDK
  - Overview Introduction to the Platform SDK and core concepts.
  - Connecting to Security Center Step-by-step guide for connecting and authenticating with the SDK.
  - SDK Certificates Details certificates, licensing, and connection validation.
  - Referencing SDK Assemblies Best practices for referencing assemblies and resolving them at runtime.
  - SDK Compatibility Guide Understanding backward compatibility and versioning in the SDK.
  - Entity Guide Explains the core entity model, inheritance, and how to work with entities.
  - Entity Cache Guide Describes the engine's local entity cache and synchronization.
  - Transactions Covers batching operations for performance and consistency.
  - Events Subscribing to real-time system events.
  - Actions Sending actions to Security Center.
  - Security Desk Displaying content on monitors, reading tiles, sending tasks, and messaging operators.
  - Custom Events Defining, raising, and subscribing to custom events.
  - ReportManager Querying entities and activity data from Security Center.
  - ReportManager Query Reference Complete reference of query types, parameters, and response formats.
  - Privileges Checking, querying, and setting user privileges.
  - Partitions Entity organization and access control through partitions.
  - Logging How to configure logging, diagnostics, and debug methods.
- Plugin SDK
  - Overview Introduction to plugin architecture and capabilities.
  - Certificates SDK certificate requirements for plugin roles.
  - Lifecycle Initialization and disposal patterns.
  - Threading Threading model, QueueUpdate, and async patterns.
  - State Management Reporting plugin health and diagnostics.
  - Configuration Configuration storage and monitoring.
  - Restricted Configuration Secure credential storage and admin-only configuration.
  - Events Event subscription and handling.
  - Queries Query processing and response handling.
  - Request Manager Request/response communication with clients.
  - Database Database integration and schema management.
  - Entity Ownership Understanding plugin-owned entities, running state management, and ownership release.
  - Entity Mappings Using EntityMappings for plugin-specific configuration and external system integration.
  - Server Management High availability and server failover.
  - Custom Privileges Defining and enforcing custom privileges.
  - Custom Entity Types Defining and managing plugin-specific entity types.
  - Resolving Non-SDK Assemblies Handling third-party dependencies in plugins and workspace modules.
  - Deploying Plugins Registering and deploying plugins and workspace modules.
  - .NET 8 Support Building plugins with .NET 8 and .NET Standard compatibility.
- Workspace SDK
  - Overview Introduction to client-side UI extensions for Security Desk and Config Tool.
  - Certificates SDK certificate requirements for workspace modules.
  - Creating Modules Module lifecycle, registration patterns, and assembly resolution.
  - Tasks Executable actions, home page entries, and programmatic invocation.
  - Pages Page content, lifecycle, descriptors, and navigation.
  - Components Dashboard widgets, tiles, maps, credentials, and content builders.
  - Tile Extensions Custom tile widgets, views, and properties panels.
  - Services Built-in services for dialogs, maps, alarms, badges, and more.
  - Contextual Actions Right-click context menu extensions.
  - Options Extensions Custom settings pages in application preferences.
  - Configuration Pages Entity configuration pages for Config Tool.
  - Monitors Multi-monitor support and shared components.
  - Shared Components Using monitor and workspace shared UI components.
  - Commands Command execution, evaluation, and interception.
  - Extending Events Adding custom fields to Security Center events.
  - Map Extensions Custom map objects, layers, and providers.
  - Timeline Providers Custom timeline event sources for video playback.
  - Image Extractors Custom image sources for cardholder photos and custom fields.
  - Credential Encoders Encoding credentials with custom encoder components.
  - Cardholder Fields Extractors Importing cardholder data from external sources.
  - Content Builders Building and customizing tile content in Security Desk.
- Macro SDK
  - Overview How macros work, creating and configuring macro entities, automation, and monitoring.
  - Developer Guide Developing macro code with the UserMacro class and Security Center SDK.

Web SDK Developer Guide

Getting Started Setup, authentication, and basic configuration for the Web SDK.
Referencing Entities Entity discovery, search capabilities, and parameter formats.
Entity Operations CRUD operations, multi-value fields, and method execution.
About access control in the Web SDK Concepts, relationships, and common access-control operations.
About video in the Web SDK Concepts, relationships, configuration, and common video operations.
Users and user groups Creating users, managing group membership, and assigning privileges.
Partitions Managing partitions, entity membership, and user access control.
Custom Fields Creating, reading, writing, and filtering custom entity fields.
Custom Card Formats Managing custom credential card format definitions.
Actions Control operations for doors, cameras, macros, and notifications.
Events and Alarms Real-time event monitoring, alarm monitoring, and custom events.
Incidents Incident management, creation, and attachment handling.
Reports Activity reports, entity queries, and historical data retrieval.
Tasks Listing and executing saved report tasks.
Macros Monitoring currently running macros.
Custom Entity Types Listing, retrieving, and deleting custom entity type descriptors.
System Endpoints License usage, web tokens, and exception handling.
Performance Guide Optimization tips and best practices for efficient API usage.
Reference Entity GUIDs, EntityType enumeration, and EventType enumeration.
Under the Hood Technical architecture, query reflection, and SDK internals.
Troubleshooting Common error resolution and debugging techniques.

Media Gateway Developer Guide

Media Gateway Guide Setup and configuration of the Media Gateway role for video streaming.

Web Player Developer Guide

Developer Guide Complete guide to integrating GWP for live and playback video streaming.
API Reference Full API documentation with interfaces, methods, properties, and events.
Sample Application Comprehensive demo showcasing all GWP features with timeline and PTZ controls.
Multiplexing Sample Multi-camera grid demo using a shared WebSocket connection.

plugin sdk certificates

About plugin certificates

Certificate File Naming

Example

Certificate Location

How the Plugin SDK Locates Certificates

License Consumption

License Activation

Multiple Plugin Instances

ApplicationId Property in PluginDescriptor

How it works

Accessing the ApplicationId at Runtime

See also

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!