Verifying the certificates
After running the Certificate Wizard or manually setting up certificates it is important to confirm that communication within
your system is secure.
Prerequisites: You ran the Certificate Wizard or created and imported your own certificates.
NOTE: The platform and the station share the same trust store, while the
Perform the following steps:
- From the local platform, double-click on Certificate Management and verify that the certificates were installed:
- The server certificate appears in the User Key Store.
- The new root CA certificate appears in the User Trust Store. This is a copy of the root CA certificate exported with the public key.
- From the
- Confirm that the new root CA certificate created by this instance of the
Notice that the root CA certificate was not imported into the
- To import the root CA certificate into the
~certManagement, and click OK.
- Verify that the TLS level for each of the following is set to TLSv1.2:
- Platform TLS Settings — Using the Platform Administration tool, view the
Change TLS Settingsoption and verify theProtocolvalue. - Station Web Service — In a station connection open a Property Sheet view on the Web Service and verify the
Https Min Protocolproperty value. - Station Fox Service — Open a Property Sheet view on the Fox Service and verify the
Foxs Min Protocolproperty value.
- Platform TLS Settings — Using the Platform Administration tool, view the
- Select the appropriate server certificate for use in secure platform and station connections.
- Set the new server certificate to be used for secure platform (niagarad) communications.
- Set the new server certificate to be used for secure station communications via Fox and Web services.
For details, refer to the Niagara Station Security Guide