Siemens SIMATIC RF185C Operating Instructions Manual page 92

Configuring with the WBM
7.3 The menu items of the WBM
Parameter
Certificate details
Blacklists
Blacklist details
Import OPC UA
certificate
Certificate signing
request (CSR)
92
Description
List with detail information on the selected certificate
Detailed information about the certificate details is available in the X.509
specifications.
List of all blacklists
This area is only displayed when the certificate types "CA certificates" or "Is-
suer certificates" were selected. A blacklist is issued by a certificate authority.
A blacklist must be stored for each CA certificate and issuer certificate. Black-
lists give certification authorities the option to lock client certificates again that
they have issued and signed.
The certificates listed in a blacklist are locked for communication with the
communication module. To display the details of a blacklist, select the required
blacklist in the list. The selected blacklist is highlighted in color.
To delete blacklists from the list again, select the desired blacklist in the list
and click on the "Delete" button.
List with detail information on the selected blacklist
Detailed information about the blacklist details is available in the X.509 specifi-
cations.
In this area you can transfer the OPC UA certificate files to the communication
module.
Valid formats:
*.p12, *.pfx
•
Binary file format, in which the certificate file and the certificate key file are
stored in a single file. This file is usually protected by a password. Enter
the password in the text box at the bottom. Note that this format can only
be used for server certificates.
*.cer, *.crt, *.der, *.pem
•
Binary or text coded file format, in which the certificate file and the certifi-
cate key file are stored in separate files. Note that the server certificates
necessarily require a separate certificate key file. For client certificates, CA
certificates and issuer certificates, only the certificate file is specified. The
certificate file and the certificate key file can be either binary or text coded.
*.crl
•
Binary or text coded file format for blacklist files. These blacklists are nec-
essarily required for CA certificates and issuer certificates. In this case, se-
lect the certificate file and the blacklist file before you click on the "Import"
button. If a matching blacklist has already been stored on the communica-
tion module, a CA certificate or issuer certificate can be transferred by it-
self.
Note that only files with the file extension *.crl can be used for blacklists.
Once you have imported a server certificate, you still need to activate it.
Button to create a certificate signing request.
This area is only displayed when the certificate types "Server certificates" is
selected.
Click the "Create CSR" button to create a certificate signing request (CSR).
The CSR file contains all relevant information of the installed server certificate.
A CA (Certificate Authority) can create a signed, module-specific server certifi-
cate using this file that you can then import into this module.
SIMATIC RF185C, RF186C, RF188C, RF186CI, RF188CI
Operating Instructions, 04/2020, C79000-G8976-C512-03