background image

 

XML over HTTP Driver Manual 

Page 17 of 19 

Appendix D.1.2. Limiting Client Access 

In  addition  to  TLS_Port  parameter  also  add  Validate_Client_Cert  in  the  connections  section  of  the 
configuration 

file and set it to “Yes”. 

Connections 
Adapter  , Protocol 

, TLS_Port 

, Validate_Client_Cert 

N1 

, Modbus/TCP 

, 1502 

, Yes    

The configuration above sets the FieldServer to request and verify a client’s certificate against its internal 
authority  file  before  accepting  connection.  By  default,  this  means  the  FieldServer  will  only  accept 
connections from other FieldServers.  

In  order  to  load  an  authority  file  so  that  the  FieldServer  will  accept  connections  from  a  chosen  list  of 
remote clients, configure the FieldServer with the following connection settings: 

Connections 
Adapter  , Protocol 

, TLS_Port 

, Validate_Client_Cert 

, Cert_Authority_File 

N1 

, Modbus/TCP 

, 1502 

, Yes 

, my_authorized_clients.pem  

This  configuration  has  the  FieldServer  accept  connections  from  clients  who  have  the  correct  certificate. 
The authority file is a collection of client certificates in PEM format. This file can be edited using any text 
file editor.  

NOTE: Cert_Authority_File is use

ful only if Validate_Client_Cert is set to ‘Yes’. 

Appendix D.1.3. To Upload the Authority File to the FieldServer 

 

Enter the IP address of the FieldServer into a web browser. 

 

Choose the ‘Setup’ option in the Navigation Tree and Select ‘File Transfer’. 

 

Choose the ‘General’ tab. 

 

Click on the ‘Browse’ button and select the PEM file you want to upload. 

 

Click on ‘Submit’. 

 

When it says “The file was uploaded successfully”, click on the ‘System Restart’ button. 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Summary of Contents for FieldServer

Page 1: ...704 15 XML over HTTP Driver Driver Manual Supplement to the FieldServer Instruction Manual APPLICABILITY EFFECTIVITY Effective for all systems manufactured after October 2017 Driver Revision 1 15 Document Revision 2 E ...

Page 2: ...pport needs related to the FieldServer product Sierra Monitor Corporation 1991 Tarob Court Milpitas CA 95035 Website www sierramonitor com U S Support Information 1 408 262 6611 1 800 727 4377 Email support sierramonitor com EMEA Support Information 44 2033 1813 41 Email support emea sierramonitor com ...

Page 3: ...on Parameters 11 6 2 Server Side Node Parameters 11 6 3 Server Side Map Descriptor Parameters 11 6 4 Server Side Requests and Responses Supported 12 Appendix A XML Server Schema 13 Appendix B Status Parameter BITS Table 14 Appendix C Setting the Format of the Data Array Age 15 Appendix D Use of SSl TLS for Secture Connection 16 Appendix D 1 Configuring FieldServer as a SSL TLS Server 16 Appendix D...

Page 4: ...XML response and store different Elements uniquely identified by some attribute within the element The data of the matching Element is stored in the FieldServer Data Arrays the matching Element is stored in the FieldServer Data Arrays FieldServer Mode Comments Server This mode is always enabled within the XML driver and is requested by http ip address data_arrays xml where ip address corresponds t...

Page 5: ...ldServer Part 8915 10 UTP cable Connect to an Ethernet Port on the FieldServer N1 1 9 Switch Router WAN LAN Network The Ethernet connection can be achieved using a switch or crossover cable The driver will support all Ethernet connections on a local area network LAN or wide area network WAN including internet connections and crossover cable connections ...

Page 6: ...gal Values Data_Array_Name Provide name for Data Array Up to 15 alphanumeric characters Data_Array_Format Provide data format Each Data Array can only take on one format Float Bit Uint16 Sint16 Uint32 Sint32 Byte Data_Array_Length Number of Data Objects Must be larger than the data storage area required by the Map Descriptors for the data being placed in this array 1 10 000 Example Data Arrays Dat...

Page 7: ...the FieldServer as an XML client the driver independent FieldServer buffers need to be declared in the Data Arrays section the destination XML servers IP Addresses need to be declared in the Client Side Nodes section and the data required from the XML requests needs to be mapped in the Client Side Map Descriptors section Details on how to do this can be found below NOTE In the tables below indicat...

Page 8: ...can t be resolved the last known IP_address is used Any valid host name Response_End_Time Specify time duration in seconds that must elapse before a response is complete This parameter is useful while communicating to a server that sends responses in chunks and there is a large delay 2s between chunks 1 65535 2 Protocol Specify Protocol used XML HTTP HTTP XML Connection Specify which network adapt...

Page 9: ...eric characters Write_Command When using POST method this is the payload of the data sent to the address Up to 200 alphanumeric characters special parameters outlined in Section 5 3 4 allowed Linked_Map_Descriptor This is the active mapdescriptor responsible for fetching the XML data Up to 32 alphanumeric characters Element XML Element to store from the XML response The syntax is as follows Elment...

Page 10: ...val XML URL Method 0 DATA_ARRAYS XML GET Map_Descriptors Map_Descriptor_Name Function Data_Array_Name Data_Array_Index Node_Name CMD_RD_UINT16 PASSIVE_CLIENT DA_UINT16 0 FS_WEB_01 Length Linked_Map_Descriptor 100 CMD_DA_GET1 Map_Descriptors Map_Descriptor_Name Element Search_Value Search_Attribute CMD_RD_UINT16 DATA_ARRAYS DATA_ARRAY DATA DA_AI_01 name Method XML URL Write_Command POST post cgi DA...

Page 11: ...Explorer or Firefox Or this can be any other XML client application NOTE In the tables below indicates an optional parameter with the bold legal value being the default 6 1 Server Side Connection Parameters Section Title Connections Column Title Function Legal Values Connection Connection Name N1 N2 Protocol Specify protocol used XML HTTP HTTP XML IP_Port To specify on which port the HTTP driver l...

Page 12: ...xml name DA_REG01 01 5 name DA_REG02 01 5 DATA_ARRAYS FST_XML_VERSION 1 00 MAX_INDEX 5 BRIDGE_TITLE Lonworks Server DATA_ARRAY NAME DA_Group FORMAT Byte LENGTH 99 INDEX 1 DATA OFFSET 0 DATA_AGE 3 00 39 36 736s STATUS 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0...

Page 13: ...MAX_INDEX type xs string xs attribute name BRIDGE_TITLE type xs string xs complexType xs sequence xs element name DATA_ARAY xs attribute name NAME type xs string xs attribute name FORMAT type xs string xs attribute name LENGTH type xs string xs attribute name INDEX type xs string xs complexType xs element name Data type xs string xs attribute name OFFSET type xs string xs attribute name DATA_AGE t...

Page 14: ...or example a bad sensor out of range analog input trouble reliability etc DATA_VALID 0x0010 Data valid DATA_COPIED 0x0020 Copy of data made DATA_FNC_AFTER_STORE 0x0040 Function after store required on this data array DATA_OFFLINE 0x0080 Offline DATA_WAITING 0x0100 Waiting DATA_OLD 0x0200 Old DATA_EXPIRED 0x0400 Expired DATA_STARTUP 0x0800 Startup DATA_UNRELIABLE 0x1000 Data Reliability ...

Page 15: ... SS SSS accordingly The Disp_Time_Format defines if the time format follows H MM SS SSS or D HH MM SS SSS Section Title Bridge Parameter Function Legal Values Title Allows user to specify the title of the FieldServer Title Text Disp_Time_Format Time format of the data array age HH MM SS SSS D HH MM SS SSS Example Common Information Bridge Title Disp_Time_Format HTTP WEB XML Server HH MM SS SSS ...

Page 16: ...he following example sets the FieldServer to accept a secure Modbus TCP connection on port 1502 Appendix D 1 1 Simple Secure Server Configuration Add TLS_Port parameter in the connections section of the configuration file and set to a port number between 1 65535 Connections Adapter Protocol TLS_Port N1 Modbus TCP 1502 This configuration sets the FieldServer to accept any incoming connection but wi...

Page 17: ...the FieldServer with the following connection settings Connections Adapter Protocol TLS_Port Validate_Client_Cert Cert_Authority_File N1 Modbus TCP 1502 Yes my_authorized_clients pem This configuration has the FieldServer accept connections from clients who have the correct certificate The authority file is a collection of client certificates in PEM format This file can be edited using any text fi...

Page 18: ...mously known as common name host name or domain etc The common name can be obtained by the following methods Ask the certificate issuer for the host name Use online tools to decode the certificate for example https www sslshopper com certificate decoder html If the program openssl is installed on the local PC then run the following command to get the common name openssl x509 in certificate pem tex...

Page 19: ...s certificate against its own internal authority file before finalizing the connection By default this means the FieldServer will only establish connections to other FieldServers Remote_Node_TLS_Port Validate_Server_Cert Cert_Authority_File 1502 Yes my_authorized_servers pem The above configuration sets the FieldServer to use a specified PEM file to allow custom server connections The authority fi...

Reviews: