Configure where to use the secure communication protocol (HTTPS)
The secure communication protocol HTTPS is a combination of the HTTP and a cryptographic protocol. If you choose to use HTTPS, communication through the web interface will be encrypted for security purposes.
The following items will use the HTTPS protocol. The list of options depends on the way that you chose to log on to the model under System Security. For details, see Configure how to log on to the module.
This option | Is available when you choose this logon method | |
|---|---|---|
FactoryTalk Historian ME Local Security | The FactoryTalk Directory | |
The FactoryTalk Historian webpages | x | x |
The FactoryTalk Directory | - | x |
TIP:
The FactoryTalk Historian webpages include the client page and the Web Diagnostics page.
To configure where to use the secure communication protocol (HTTPS)
- On theSystem Securitypage, underHTTPS Settings, select the type of HTTPS certificate:Certificate typeDescriptionSelf-signed certificateA certificate issued by the module, which holds its own private key. This type is chosen by default to provide a secure connection out of the box. The certificate is valid for five years.CA certificateA certificate issued by a trusted third party, for example, the IT security department in your organization. To use the CA certificate, you have to manually upload the CA certificate, server certificate, and private key files to the module. For details, see Upload files to the module.
- Depending on the type of certificate, do either of the following:
- For theSelf-signed certificatetype, complete the following:ItemDescriptionIssued toChoose the method with which you access the Historian webpages:
- IP address.The certificate will be issued to the IP address of the module. This is the default setting. The IP address is provided by the system automatically.
- Module name.The certificate will be issued to the module name. The module name is provided by the system automatically.
- Domain name.The certificate will be issued to the fully qualified domain name of the module.Type the domain name in the following format:<modulename>.<domainname>.<top-level domain>For example,module1.mycompany.com
Renew CertificateUse this button if:- You change the method with which you access the Historian webpages. In this way, a new certificate will be issued.
- Your certificate has expired, and you want to issue a new one.
TIP:If you renew the certificate for your module, you have to install it in the browser. To install the certificate in the browser, consult your network administrator. - For theCA certificatetype, complete the following:ItemDescriptionCA certificate fileSelect the certificate authority. This is necessary for using HTTPS.Sever certificate fileSelect the file that contains the digital certificate that has been issued to a server and contains information about the server.Private key fileSelect the file that contains the private key for the web server.Private key passwordType the encryption password used to secure the private key file.Verify the FactoryTalk Directory certificateSelect the checkbox to verify if the FactoryTalk Directory certificate is valid. The module will check if there is a certificate for the FactoryTalk Directory issued by a certificate authority. This option is only available if you set HTTPS for communication with the FactoryTalk Directory.
- ClickSave.If the configuration is incomplete, an error message appears prompting you to provide missing information.If the configuration is complete, a message appears.
- ClickOK.The configuration will be validated.If the configuration is successful, you will be logged out and taken to the logon page.Otherwise, an error message appears.TIP:If the configuration of the module is restored from a backup file, the communication is automatically set to HTTPS for connections with the Historian webpages.If the backup file contains security certificates, they will be used in the restored configuration. Otherwise, a default self-signed certificate will be generated and used.For more information on restoring configurations, see Back up and restore configuration files.
Provide Feedback