Secure OUC via E-Mail - Siemens SIMATIC ET 200AL System Manual

Distributed i/o system

Open User Communication
6.11 Secure Open User Communication
4. Set the parameters for secure communication in the "Start value" column. Enter the certificate ID of the CA certificate of the communication partner, for example, for "TLSServerCertRef".
– "ActivateSecureConn": Activation of secure communication for this connection. If this parameter has the value FALSE, the subsequent security parameters are irrelevant. In this case you can set up an unsecured Modbus TCP connection.
– "TLSServerCertRef": Reference to the X.509 V3 (CA) certificate of the Modbus TCP server, which is used by the TLS client to validate the authentication of the Modbus TCP server.
5. Create an MB_CLIENT instruction in the program editor.
6. Interconnect the CONNECT parameter of the MB_CLIENT instruction with the tags of the data type TCON_IP_4_SEC.

6.11.6 Secure OUC via e-mail

Setting up a secure connection to a mail server over the CPU interface
For secure communication to a mail server you need to create a data block with one of the system data types TMAIL_V4_SEC or TMAIL_QDN_SEC yourself, assign parameters and call it directly at the TMAIL_C instruction.
Requirements:
● TMAIL_C instruction version V5.0 or higher
● STEP 7 V15 and higher
● S7-1500 CPU V2.5 and higher
● You have assigned all the CA certificates of the mail server (TLS server) to the CPU (TLS client) and have downloaded the configuration to the CPU.
● Current date and time are set in the CPU.
Process for establishing a secure connection to the mail server
You can choose between two processes for establishing the secure connection to the mail server:
● SMTPS: The client attempts to immediately establish a TLS connection to the mail server ("handshake" process). If the mail server does not support TLS, then no connection is established.
● STARTTLS: The client establishes a TCP connection to the mail server. Over this TCP connection, the client sends a request to "upgrade" the existing connection to a secure TLS connection. If the mail server supports TLS, the client sends the command to establish a secure connection. The mail server uses the SMTP command "STARTTLS" to do this. The client then establishes a secure connection to the mail server. Advantage: If the mail server does not support TLS, client and mail server can communicate unsecured with each other.
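The SMTPS and STARTTLS processes as seen from a generic SMTP client, as an added Python example (not Siemens code and not part of the manual). The function names, the `require_tls` policy flag, the host/port arguments and the constructed EHLO replies are assumptions of this example; it shows that the unsecured STARTTLS fallback is taken whenever the `STARTTLS` keyword is absent from the server reply, whatever the reason, unless the client refuses it.

```python
import smtplib
import ssl

# Constructed EHLO replies (not captured from a real server).
EHLO_WITH_TLS = "250-mail.example.test\r\n250-SIZE 10240000\r\n250-STARTTLS\r\n250 HELP\r\n"
EHLO_NO_TLS = "250-mail.example.test\r\n250-SIZE 10240000\r\n250 HELP\r\n"


def starttls_offered(reply):
    """True if a raw multi-line 250 EHLO reply lists the STARTTLS keyword."""
    for line in reply.splitlines()[1:]:          # line 0 is the server greeting
        fields = line[4:].split()
        if line.startswith("250") and fields and fields[0].upper() == "STARTTLS":
            return True
    return False


def starttls_decision(offered, require_tls=True):
    """Return 'upgrade', 'plaintext' or 'abort' for the STARTTLS process."""
    if offered:
        return "upgrade"
    # Keyword absent: the server has no TLS, or the keyword was removed in transit.
    return "abort" if require_tls else "plaintext"


def tls_context(ca_file=None):
    """Verifying client context; the validity-period check needs a correct clock."""
    return ssl.create_default_context(cafile=ca_file)


def open_session(host, process, port, ca_file=None, require_tls=True):
    """Connect with 'SMTPS' or 'STARTTLS'; the caller sends mail and calls quit()."""
    ctx = tls_context(ca_file)
    if process == "SMTPS":
        # Handshake before any SMTP traffic; raises if the server cannot do TLS.
        return smtplib.SMTP_SSL(host, port, context=ctx, timeout=10)
    smtp = smtplib.SMTP(host, port, timeout=10)
    smtp.ehlo()
    decision = starttls_decision(smtp.has_extn("starttls"), require_tls)
    if decision == "abort":
        smtp.quit()
        raise ConnectionError("STARTTLS not offered; refusing unsecured session")
    if decision == "upgrade":
        smtp.starttls(context=ctx)               # raises if certificate checks fail
        smtp.ehlo()                              # re-read capabilities after TLS
    return smtp
```

With `require_tls=False` the client behaves as the "Advantage" sentence describes and continues unsecured; with `require_tls=True` the STARTTLS process fails closed in the same way SMTPS does.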
Communication, Function Manual, 12/2017, A5E03735815-AF
