Contents
Cirrus Link Resources
Cirrus Link Website
Contact Us (Sales/Support)
Forum
Cirrus Link Modules Docs for Ignition 7.9.x
Inductive Resources
Ignition User Manual
Knowledge Base Articles
Inductive University
Forum
...
MQTT Security Context allows secure command writes through MQTT Engine and MQTT Transmission by using custom tag permissions to authorize a tag write based on user.
When using Ignition Security Context, the user authorization security context is encrypted and included with the published write event message from MQTT Engine. At MQTT Transmission, the security context is decrypted and if the user is authorized to write to the tag, this results in a successful write , and the tag change is published. If the user is not authorized to write to the tag, there is no action taken.
Review the Standard Tag Properties table for details on setting the Security property. Tags must have write permission enabled. Tag write permissions can applied to the entire tag provider or on individual tags to guarantee the write security.
Note |
---|
To use this feature you must be using MQTT Engine and MQTT Transmission modules 4.0.10 or greater and Ignition 8.1.11 or greater |
...
...
In the Ignition Gateway web UI, navigate to the MQTT Engine Settings in the left side bar. From the Main tab, set the following elements in the Command Setting section.
...
Note |
---|
Block Node Commands and/or Block Devices Commands must be de-selected for the Include Security Context feature to be enabled |
...
In the Ignition Gateway web UI, navigate to the MQTT Transmission Settings in the left side bar. From the Transmitters tab, for each transmitter set the following elements in the Command Setting section.
Select the Security Context Hashing Algorithm algorithm to use when decrypting the Security Context.
Select checkbox Change Password? and set the Password to be used when encrypting the Security Context
Warning |
---|
The Security Context Hashing Algorithm and the Password must be the SAME as configured at MQTT Engine. |
Note |
---|
Block Commands must be de-selected for the Validate Security Context feature to be enabled |