5.6.9.1
Using the standard configuration of the certificate
Note
Security
The standard configuration is not the most secure way of transferring data to the drive with the
web server.
It should therefore only be used if no self-created or purchased certificate can be used.
In the delivery state, there is a standard root certificate and a private key stored on the memory
card of the converter as a file. The server certificate and the private server key used later are
automatically generated from this data.
Name of the root certificate
ITDiagRootCA.crt
Name of the private key
ITDiagRootCA.key
Proceed as follows:
1. Open an HTTPS web server connection to your drive in the browser for the first time.
– If you still do not have a server certificate or private server key, the firmware generates
this data.
– Following this, a warning is issued in the browser that the certificate is unknown.
2. Import the server certificate in your standard browser.
Instructions for importing the certificate can be found in your browser's help options.
– Alternatively, you can import the root certificate via the path "OEM/SINAMICS/HMICFG/
CERT/ITDIAGROOTCA.CRT" instead of the server certificate.
This root certificate can be used irrespective of the IP address and drive.
5.6.9.2
Using self-created certificates
If there is no Certification Authority in your business, proceed as described in this chapter.
Create the key files using the "OpenSSL" program and an EXE file. If OpenSSL is not installed
on your PC, you can download this program from the following Internet site and install it free
of charge: OpenSSL (
)
Note
OpenSSL will be installed in C:\OpenSSL. If another path is selected, this path must be
transferred to the tool when called with the option "-o".
Proceed as follows:
1. Create a folder with any name on your local drive, e.g. "C:\MySSL".
2. Copy the "cert.exe" tool to the created folder.
The tool is located on the SINAMICS memory card in the "ADDON\SINAMICS\IT_TOOLS"
folder.
Security measures for SINAMICS
5.6 Web server
Industrial Security
Configuration Manual, 08/2017, A5E36912609A
75