Install a Device Certificate
Follow the steps below to install a device certificate in the Anybus CompactCom.
You may have to install a CA certificate in your browser. See Appendix E: Installing a CA Certificate in Windows for more information.
Create a device certificate, e.g. by using the tool from HMS Networks.
Select the Security tab in the column to the left on the start page. When delivered, the device has an initial device certificate installed. This certificate is not shown in the list, and can never be removed. Its sole purpose is to make it possible to access the internal web pages. The device will revert to this certificate if factory default settings are restored or if no certificate is configured for HTTPS.
Add a new device certificate and proceed with the installation.
Figure 4.
Cut & paste the certificate text and the device certificate private key according to the instructions on the web page. Make sure that the certificate is issued by someone you trust. The certificate must be in PEM format.
Figure 5.
If the certificate is to be used by HTTPS, it is important that the subject name “CN” parameter is set to the device address (IP number or DNS name).
Figure 6.
The device certificate is now listed on the security web page.
Figure 7.
Click on the device certificate to view the certificate information.
Figure 8.
The installed certificate can be used for HTTPS, MQTT and/or for OPC UA. Select the correct option for the newly installed certificate. For more information on requirements for OPC UA certificates please refer to OPC UA Specification 1.04: Part 6 – Mappings, section 6.2 Certificates.
Restart the module by switching the power off and on. The connection is still not trusted, unless a publicly signed certificate is used, or if you have already installed the CA certificate used to sign the device certificate in your browser. You may have to restart your browser.
Figure 9.
Figure 10.