Versions Compared

Old Version 3

changes.mady.by.user Nathan Davenport

Saved on

compared with

New Version 4

changes.mady.by.user Nathan Davenport

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Anchor
convert-ignition-keystore
convert-ignition-keystore

NOTE: Ignition 8 OnlyThe procedure below is only applicable when running pre-4.0.4 modules. Manually configuring MQTT Distributor to consume a Java Keystore is supported and will work properly when running pre-4.0.4 modules, but it is no longer the recommended process for encrypting MQTT communication. If possible, please upgrade to modules version 4.0.4 or higher and follow the default workflow to secure MQTT communication. 


Whether you are using a certificate issued by a trusted CA (Certificate Authority) or a self-signed certificate, internally MQTT Distributor accesses these certificates via the Java KeyStore file that it is configured to use. This KeyStore must contain the public certificate, the private key, and possibly an intermediate certificate if applicable. If you've already SSL enabled your Ignition web server 

  1. Backup <ignition_install_dir>/webserver/ssl.pfx
  2. Launch Keystore Explorer and create a new keystore of type JKS.
  3. Import key pair of type PKCS #12
    1. Decrytion Password = ignition
    2. Click OK to reuse the existing keypair alias
    3. Give the new key pair a password of 'ignition' (or whatever you want)
    4. Click OK to complete import
  4. Save the keystore and give it the same password provided in Step 3c.
  5. Give the keystore file a name with the extension '.jks'

...