Changing TLS Platform settings

This function on the Platform Administration view configures a secure (TLS) platform connection, as well as changes related to secure platform connection (platformtls) properties.

You are connected to the platform.
  1. Double-click the Platform node in the Nav tree or expand Platform, double-click Platform Administration and click Change TLS Settings.
    The Platform TLS Settings window opens.

  2. If you are configuring a remote controller you may change State, Port, and Protocol.
    When connected to a PC, State is set to TLS only, the daemon HTTP Port requires 5011 (3011 is disabled in TLS settings), and Protocol must be TLSv1.2+ (or later).
  3. Select the Certificate Alias from the drop-down list and supply its password.
  4. To continue, click Save.
    When you click Save after making any changes, the changes are immediately applied. Often this means your current platform connection closes, and then opens in Workbench.

    For example, if you change the Port from (default) 5011 to another port number, your reopened platform TLS connection uses the new port, shown in parentheses (nnnn) to indicate that a port other than the default is being used.

    As of Niagara 4.13, you select the appropriate certificate alias from the drop-down list and provide the password that is assigned to it. If the selected certificate and the entered password do not match, the framework notifies you that the TLS changes you tried to save failed, and the default certificate is used instead. The default certificate is uniquely generated for each installation and cannot be deleted. This is the message displayed in the Platform Administration view.

  5. If you changed the Port, before closing the host (removing it from the Nav tree), carefully note the new secure platform port number. In the future you must specify the port number when making a secure connection to this remote platform.