First access via TLS certificate
–
During commissioning, the CPU generates a TLS certificate during
the start-up.
–
The certificate is used for all Ethernet interfaces of the CPU and
includes all IP addresses.
–
When resetting to factory settings, a new certificate is automatically
generated.
To secure communication, the same security certificate must be installed in the PC and
CPU. You transfer the certificate generated by the CPU to your PC with the following pro-
ceeding:
1.
After logging into the WBM, you can view or respectively adjust the contents of the
automatically generated certificate via
‘Configuration
è
Web Services’
and re-gen-
erate it with [Re-generate HTTPS certificate] .
–
As soon as you change one of the IP addresses of the CPU,
you must regenerate the certificate via [Re-generate HTTPS
certificate].
2.
Navigate to the certificates via
‘Security
è
Certificate Authentication’
.
3.
Switch to the tab Identity Store.
ð
Here you have access to the generated certificate.
4.
Load the requested HTTPS certificate onto your PC with . Here you can also
transfer your own existing HTTPS certificate to the CPU.
5.
Install the certificate according to your Windows system as a trusted root certifica-
tion authority.
ð
After installation, communication between the PC and CPU takes place as a
‘secure connection’
.
CAUTION!
If the communication between PC and CPU is declared as an
‘insecure
connection’
during operation, either the certificate has changed, e.g. due
to an IP address change, or your system has been compromised by third
parties! Always make sure that either the current certificate of the CPU or,
if available, an associated higher-level certificate is installed on the PC!
Install certificate
iC9200 Series
Deployment
Web-based management - WBM > Overview and first steps
HB700 | CPU | PMC921xEx | en | 23-06
75
