earth_america
user_standard Log on
earth_america
Log on to rate and give feedback 1 2 3 4 5 Log on to rate
0
How to

How to


Products: Device Administrator, Esmi Sense FDP
Functionalities: Security
12/2/2024

Generating an SSL Root Certificate Using Device Administrator

You generate a root certificate on the Device Administrator so that the Device Administrator can communicate with field servers using HTTPS.

Note:

When you create a root certificate, make sure to give it a unique name. If you have more than one root certificate installed in Windows or another operating system, the validation of the root certificate might fail.

Show More
action_close

Certificates are used to increase the security of the communication between Device Administrator and field server.

Certificates are used to establish a trust chain between Device Administrator and the automation servers. A trusted chain communication with HTTPS consists of two parts:

  • An SSL root certificate installed in Windows on the computer that runs Device Administrator

  • An SSL certificate on the automation server

Both Device Administrator and automation servers supports self-signed certificates as well as CA certificates. Device Administrator allows you to create your own self-signed certificate.

Import and export

Certificates can be imported and exported. For example, you have established a trust chain between computer 1, running Device Administrator, and a list of field servers. You want to access the samefield servers using computer 2. In this case, you install Device Administrator on computer 2, export the SSL root certificate from computer 1, and import it to computer 2.

For more information, see Exporting an SSL Server Root Certificate Using Device Administrator .

For more information, see Importing a Certificate to a Field Server Using Device Administrator .

Deleting a certificate

Certificates can be deleted from the EBO server using Device Administrator.

For more information, see Deleting an SSL Certificate on a Field Server Using Device Administrator .

Backup

The certificates are included in the field server’s backup. You do not need to generate a new certificate if you restore a field server from a backup generated after the certificate was transferred to the field server if you retain the original root certificate.

Device Administrator certificate workflow

Use this workflow to create a trusted chain between Device Administrator and field server using a self-signed certificate.

For more information, see Device Administrator Certificate Workflow .

Use this workflow to create a trusted chain between Device Administrator and field server using a CA certificate.

For more information, see Device Administrator CA Certificate Workflow .

Certificates and licensing

Certificates generated and installed using Device Administrator must be used when activating licenses.

Certificates generated using Workstation cannot be used for licensing in field servers since these certificates do not provide a root certificate or other trust chain for validation. If you use WorkStation certificates, we recommend that you generate new ones for your field servers from Device Administrator when you use licensing in field servers.

For more information, see Field Server Licensing Overview .

To generate an SSL root certificate using Device Administrator
  1. In the Device Administrator, click Servers .

  2. Click SSL Root Certificate .

  3. Enter the values.

  4. Click Generate root certificate .

  • Certificates Managed using Device Administrator
  • Device Administrator Certificate Workflow
  • SSL Root Certificate Dialog Box