Siemens SIMATIC ET 200AL System Manual page 1198

4. Set the parameters for secure communication in the "Start value" column.
– "ActivateSecureConn": Activation of secure communication for this connection. If this
– "TLSServerReqClientCert": Request for an X.509-V3 certificate from the TLS client.
– "TLSServerCertRef": ID of the own X.509-V3 certificate.
– "TLSClientCertRef": ID of the X.509-V3 certificate (or a group of X.509-V3 certificates)
5. Create one of the instructions TSEND_C, TRCV_C or TCON in the program editor.
6. Interconnect the CONNECT parameter of one of the instructions TSEND_C, TRCV_C or TCON
with the tags of the data type TCON_QDN_SEC.
In the example below, the CONNECT parameter of the TCON instruction is interconnected
with the tag "DNS connectionSEC" (data type TCON_QDN_SEC).
Figure 3-23
Communication
Function Manual, 05/2021, A5E03735815-AJ
parameter has the value FALSE, the subsequent security parameters are irrelevant. You
can set up a non-secure TCP or UDP connection in this case.
Figure 3-22 Certificate handling from the perspective of the S7-1500 as TLS server
that is used by the TLS server to validate TLS client authentication. If this parameter is
0, the TLS server uses all (CA) certificates currently loaded in the server certificate store
to validate the client authentication.
TCON instruction
Communications services
3.6 Secure Communication
77