Configuration
4.8 Security
CP 1243-1
56 Operating Instructions, 12/2016, C79000-G8976-C365-02
Handling certificates
Certificate for authentication
If you have configured secure communication with authentication for the CP, own certificates
and certificates of the communications partner will be required for communication to take
place.
All nodes of a STEP 7 project with enabled security functions are supplied with certificates.
The STEP 7 project is the certification authority.
Note
No certificate with security functions disabled.
If the security functions of the CP are disabled in the STEP 7 project, no certificate will be
generated for the CP.
For the secure transfer of e-mails via SSL/TLS and SSL certificate is created for the CP. It is
visible in STEP 7 in "Global security settings > Certificate manager > Device certificates".
The table "Device certificates" shows the issuer, validity, use of a certificate
(service/application) and the use of a key. You can call up further information about a
certificate by selecting the certificate in the table and selecting the shortcut menu "Show".
The table also shows all other certificates generated by STEP 7 and all imported certificates.
If the CP communicates with non-Siemens partners when the security functions are enabled,
the relevant certificates of the communications partners must be exchanged. To do this,
follow the steps below:
1. Importing third-party certificates from communications partners
⇒ Global security settings of the project (certificate manager)
2. Assigning certificates locally
⇒ Local security settings of the CP ("Certificate manager" table)
These two steps are described in the next two sections.
Importing third-party certificates from communications partners
Import the certificates of the communications partners of third-party vendors using the
certificate manager in the global security settings. Follow the steps outlined below:
1. Save the third-party certificate in the file system of the PC of the connected engineering
station.
2. In the STEP 7 project open the global certificate manager:
Global security settings > Certificate manager
3. Open the "Trusted certificates and root certification authorities" tab.
4. Click in a row of the table can select the shortcut menu "Import".
5. In the dialog that opens, import the certificate from the file system of the engineering
station into the STEP 7 project.
To Next Page
Loading...
Need help?
General
