Versions Compared

Old Version 1

changes.mady.by.user Gill Houghton

Saved on

compared with

New Version 2

changes.mady.by.user Gill Houghton

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

SSL/TLS Enable the Ignition Web Server

Self-signed certificates can be used with Ignition and the Cirrus Link modules and they are useful for testing environments and non-public networks.  

Warning
Self-signed certificates should not be used in a production environment on a public network.

Ignition has made it simple to load a self-signed certificate through the Setup SSL / TLS wizard but there are additional steps needed to be able to use that certificate with the MQTT modules. 

Review the following list for the required certificates:   

  • Private Key
  • Certificate Signed By A Certificate Authority (CA)
  • Any Intermediate CA Certificates (Provided by your CA)
  • Root CA Certificate (Provided by your CA)

Follow the steps outlined in the Ignition Secure Communication (SSL / TLS) document using the Certification wizard to import the certificates needed to SSL enable the Ignition Web Server.

You will be warned of a Potential Security Risk and will need to Accept the Risk and Continue  Image Modified

Once configured, you will be able to view the SLL/TLS Certificate details which should be displayed similar to the image below:

Image Modified

Configure MQTT Distributor to use SSL/TLS

Once the Ignition Web Server has been SSL enabled, enable SSL/TLS for MQTT Distributor by selecting the "Enable TLS" configuration setting under TLS Setting section for MQTT Distributor.

Click Save to confirm the configuration update.
Image Modified

MQTT Modules

Upload Root CA Certificate

The MQTT Engine and MQTT Transmission modules will both require the Root CA Certificate to be upload and applied. Navigate to the Servers > Certificates section for each module and select Create New Certificate.

Browse to your Root CA Certificate file to upload, configure a friendly name and Save Changes.

Tip
If you do not have access to or cannot easily locate your Root CA Certificate, review the How do I download the Root CA Certificate loaded for Ignition tutorial 

Image Modified

Configure MQTT Distributor to use SSL/TLS

Enable SSL/TLS for MQTT Distributor by selecting the "Enable TLS" configuration setting under TLS Setting section for MQTT Distributor.

Click Save to confirm the configuration update.
Image Modified

Configure MQTT Engine and MQTT Transmission to use SSL/TLS

For MQTT Engine and MQTT Transmission to connect to Distributor over SSL/TLS you will need to update each Server configuration.

For each module, navigate to the Servers Settings Main section and update the URL for your environment.
Image Modified

Navigate to the TLS section and select your certificate file as the CA Certificate File. Click Save to confirm the configuration update.

Image Modified

MQTT Engine and Transmission should now show connected to Distributor over SSL/TLS. 

Image Modified