Configuring Fieldserver As Ssl/Tls Client - MSA fieldserver ProtoNode FPC-N54 Startup Manual
Hide thumbs
Also See for fieldserver ProtoNode FPC-N54:
- Startup manual (46 pages) ,
- Startup manual (42 pages) ,
- Operating manual (40 pages)
Table of Contents
Advertisement
10.1.2 Configuring FieldServer as SSL/TLS Client
The following Node configurations set the FieldServer to open a secure Modbus/TCP connection to Server
at IP Address 10.11.12.13 on port 1502.
Simple Secure Client Configuration
Add Remote_Node_TLS_Port parameter in the nodes section of the configuration file and set to a port
number between 1 – 65535.
Nodes
Node_Name
, Node_ID
, Protocol
PLC_11
, 11
, Modbus/TCP
The above configuration sets the FieldServer to connect to a remote server but does not request a server's
certificate for verification. This means that the FieldServer end point communication will be encrypted but
not authenticated.
If requested by a remote server, the FieldServer will send an embedded self-signed certificate.
Limit Server Access
Add the Validate_Server_Cert parameter to the client node section of the configuration.
.......
, Remote_Node_TLS_Port
........ , 1502
The above configuration sets the FieldServer to request and verify the server's certificate against its own
internal authority file before finalizing the connection. By default, this means the FieldServer will only
establish connections to other FieldServers.
.......
, Remote_Node_TLS_Port
........
, 1502
The above configuration sets the FieldServer to use a specified PEM file to allow custom server
connections.
The authority file is a collection of server certificates in PEM format. This file can be edited using any text
file editor (such as notepad). When the file has all required certificates, paste it into the PEM formatted
server certificate. Now the FieldServer will connect to a server if it can find the server's certificate in the
authority file.
NOTE: Cert_Authority_File is useful only if Validate_Client_Cert is set to 'Yes'.
To upload the Certificate to the FieldServer follow the directions for the authority file in Section 10.1.1.
Certificate Validation Options
Use the Check_Remote_Host element as described in Section 10.1.1.
Set up Client Certificate
Make sure the certificate is in PEM format. Otherwise, convert it to PEM format (reference the link below).
support.ssl.com/Knowledgebase/Article
Configure the FieldServer to use a custom certificate as shown below:
......... , Client_Cert_File
......... , my_client_cert.pem
, Adapter
, IP_Address
, N1
, 10.11.12.13
, Validate_Server_Cert
, Yes
, Validate_Server_Cert
, Yes
ProtoNode Start-up Guide
Additional Information
, Remote_Node_TLS_Port
, 1502
, Cert_Authority_File
, my_authorized_servers.pem
34
Hide quick links:
Advertisement
Table of Contents
Need help?
Do you have a question about the fieldserver ProtoNode FPC-N54 and is the answer not in the manual?
Questions and answers