Certificates 133
User Guide v 2.0 — March 2023 System Setup
Table 10-6 give the certificate Management utility descriptions (right side of window).
The certificate validity periods are described as follows:
Server Certificates
• Certificate Key Size – 2048 bits.
• Certificate Validity Period – The server certificate validity period is 63 months (5 years,
plus 3 months).
• Expiration Monitoring – The controller monitors all server certificates to see if they are
close to expiring or are already expired. The extra 3 months of the validity period is used
to warn you that the certificate will expire soon. An alarm will be shown on the HMI for
you to acknowledge.
Client / User Authentication Certificates
• Certificate Key Size – 2048 bits.
• Certificate Validity Period – The server certificate validity period is 27 months (2 years,
plus 3 months).
• Expiration Monitoring – The controller monitors all client and user authentication
certificates to see if they are close to expiring or are already expired. The extra 3 months
of the validity period is used to warn you that the certificate will be expire soon. An alarm
will be shown on the HMI for you to acknowledge.
Table 10-6 Certificate Management Utility Descriptions
Item Description
Certificate Type (radio
buttons)
Choose the type of certificates to manage by selecting a specific radio
button.
Certificate Status The system will display the following statuses: ‘Not Installed’, ‘Installed’
or ‘Expired’.
Display Certificates Touch this button to see a dialog with all the user authentication
certificates installed on the system.
Create Certificate Touch this button to create a self-signed user authentication certificate
and export it to a USB drive.
Import Certificate Touch this button to see a dialog that lets you import a ".der" certificate
into the ‘Clients’ store.
Move Certificate to
Untrusted Store
Touch this button to see a dialog that lets you select a specific client
certificate and move it to the ‘Untrusted Certificates’ store.
This is normally done when a certificate’s public or private key has been
comprised and cannot be relied upon to provide secure
communication.
Move Certificate to
Trusted Store
Pressing this button will display dialog to allow the user to select a
specific client certificate and move it to the ‘Trusted’ store.
This is done when it is determined that the certificate can be trusted or
it was moved by mistake.
To Next Page
Loading...
