OPC UA communication
9.3 Using the S7-1500 as an OPC UA server
Communication
174 Function Manual, 12/2017, A5E03735815-AF
8. Click "Open" to import the certificate.
The certificate of the client is now contained in the global certificate manager.
Note the ID of the client certificate just imported.
9. Click the "General" tab in the properties of the CPU that is acting as server.
10. Click "OPC UA > Server > Security > Secure Channel".
11. Scroll down in the "Secure Channel" dialog to the section "Trusted clients".
12. Double-click in the table on the empty row with "<add new>". A browse button is
displayed in the row.
13. Click this button.
14. Select the client certificate that you have imported.
15. Click the button with the green check mark.
16. Compile the project.
17. Load the configuration onto the S7-1500 CPU.
The server now trusts the client. If the server certificate is also considered trusted, the server
and client can establish a secure connection.
Generating server certificates with STEP 7
The description below shows the procedure for generating new certificates with STEP 7 and
applies in principle to various uses of the certificates. STEP 7 sets the appropriate purpose -
in this case "OPC UA Client & Server" - depending on which area of the CPU properties is
used to start the following dialog.
Recommendation: To use the full functionality for the security of the OPC UA server, use the
global security settings.
The global security settings are enabled in the CPU properties under "Protection & Security
> Certificate manager".
Customizing server certificates
STEP 7 automatically generates a certificate for the OPC UA server of the S7-1500 when
you activate the server (see "Activating the OPC UA server (Page 161)"). In the process,
STEP 7 uses the default values for the parameters of the certificate. If you want to change
the parameters, follow these steps:
1. Click the Browse button under "General > OPC UA > Server > Security > Secure channel
> Server certificate" in the properties of the CPU. A dialog is displayed that shows the
certificates available locally.
2. Click the "Add" button.