1.General information
You can view all information on the current certificates at
This URL is also used to generate certificates from the HS/FS and/or to upload certificates onto the HS/FS. To retrieve this page, no user details are required; the individual functions demand this however. (See certificate management)
Behaviour during initial start of the HS/FS with firmware 4.7 or higher is described here.
https://HS_IP/hscert.This URL is also used to generate certificates from the HS/FS and/or to upload certificates onto the HS/FS. To retrieve this page, no user details are required; the individual functions demand this however. (See certificate management)
Behaviour during initial start of the HS/FS with firmware 4.7 or higher is described here.
2.Server
The interfaces listed in the table are available for all the ports of secure and unencrypted communication specified in the following:
| Interface | Call |
|---|---|
| Lists | /hslist |
| Visu / Menu / Query | /hs |
| QuadClient / Apps | From app/Program |
| Certificate management | /hscert |
| Communication object gateway | /cogw |
| HSUpload area | /opt |
Create certificate
Select here which type of certificate the device should use:
| Setting | Comment |
|---|---|
| Device creates certificate (with IP address as CN) | The device creates a certificate. When generating the certificate the IP address of the HS/FS is used as Common Name (CN). Generation can be triggered again under /hscert. |
| Device creates certificate (with configured CN) | The device creates a certificate. When generating the certificate, the text entered in the Common Name (CN) field is used as Common Name (CN). Generation can be triggered again under /hscert. |
| Load certification onto the device | The option for uploading a certificate has been released. The certificate to be uploaded must be available as a .pem file and must not be password-protected. Until a certificate has been uploaded, the device uses a certificate that was created according to the "Device creates certificate (with IP address as CN)” setting. |
Common Name (CN)
This text is used if a certificate is to be generated by the HS/FS for this port using the Device creates certificate (with configured CN) option.
2nd IP port (HTTPS)
Like 1st IP port (HTTPS). However, the use of this port is optional.
Standard setting (value): deactivates (8443).
Standard setting (value): deactivates (8443).
IP port (HTTP, unencrypted)
If this option is activated, a port can be defined for the unencrypted communication via HTTP.
Standard setting (value): deactivates (80)
If this option is used, project and firmware transfers are carried out unencrypted and the HS/FS end points (e.g. lists, archive, debug page, etc.) can be reached via HTTP and the port entered here.
Standard setting (value): deactivates (80)
If this option is used, project and firmware transfers are carried out unencrypted and the HS/FS end points (e.g. lists, archive, debug page, etc.) can be reached via HTTP and the port entered here.
4.Monitoring of certificates
Time (hh:mm)
Defines the time when the validity of the certificate is checked while in operation.
Default value: 00:01.
Default value: 00:01.
Generation (days before expiry)
If a certificate created by the HS/FS is only valid for the number of days specified here, a new certificate is created by the HS/FS.
The earliest possible point in time for an automatic regeneration is 90 days before expiry.
Default value: 1.
A Status object displays the difference (in days) between the current date and the next validity expiry of a certificate.
The earliest possible point in time for an automatic regeneration is 90 days before expiry.
Default value: 1.
A Status object displays the difference (in days) between the current date and the next validity expiry of a certificate.
Important
If a certificate that has not been generated with the HS/FS is loaded via the web interface (
https://HS_IP/hscert) onto the HS/FS, this setting has no effect!