Configuring the WebService
This procedure configures the hub station’s default WebService with a server.
Prerequisites: The station’s User Key Store contains a certificate signed by your site Secure Connect CA certificate with which to authenticate incoming hub or direct
connections.
Configuring the SC server certificate as an additional certificate is not recommended because BACnet devices may not include an SNI header. You can configure additional server certificates in the WebService to be presented to browser connections using the AdditionalHttpsCerts component from the web palette. The certificates presented to browsers are signed by a CA certificate in the browser's System Trust Store.
Perform the following steps:
- Expand and double-click WebService.The WebService Property Sheet opens.
- Select the hub’s server certificate from the
Main Https Certdrop-down list and click Save.This configures the WebService.
The server certificate assigned to the WebService must be signed by the secure connect site CA certificate. In the WebService, you can configure additional certificates that are signed by a CA certificate in the system and/or a Browser Trust Store.
The
Subject Alternate Names property in these additional certificates is configured to present the certificates to browser connections based on an SNI
header in the browser's connection request.