89
4.8 Web-Based Management - WBM
1. To do this, select in the selection field [HTTPS-self-signed].
The configuration of the self-signed HTTPS certificate is listed in a table. You can adapt these accord-
ingly and generate new certificate files with [Apply].
2. Enter the according parameters.
• Distinguished name
– Enter your company information here for identification.
• Validity
– Enter the date in the format DD.MM.YYYY and the time in hh:mm:ss.
– If at Valid not before the input field is empty, the current date is used.
– If at Valid not after the input field is empty, the date 31.12.9999 and time 23:59:59 are used.
• Subject alternative names
– The IP addresses from the network configuration of the CPU are suggested by default.
– You have the option of expanding or adapting this or specifying a DNS name. Use to
add an entry. Use to remove an entry.
If the web server is to be accessible via different IP addresses without an error message, you have to
specify all IP addresses as Subject alternative names of the type IP address. If the CPU can be
reached via DNS name, you have also to specify this!
3. To apply the changes, click on [Re-generate HTTPS certificate].
The certificate is regenerated. This overwrites an existing self-signed HTTPS certificate.
4. Click on [Apply].
The certificate is used for authentication in the NGINX configuration.
Please note that reconfiguring the web service can affect the real-time behavior of your system.
Avoid this during productive operation.
4.8.5 Security
(1) Certificate Authentication
At [Certificate Authentication] you can manage your certificates for secure CPU communication. [Certificate
Authentication] is divided into the following tabs:
• Trust Store
– Trusted certificates and revocation lists of possible communication partners are stored here.
• Identity Store
– The personally created certificates are stored here.
• The name for each store can be used with the interfaces for TLS communication, e.g. TLS_SOCKET block in
IEC 61131-3 or TlsSocket class in C ++ or C#.
• The names of the stores are case-sensitive.
4
Deployment
To Next Page
Loading...
