Recommended verifications
The platform and the station share the same certificate management stores, while the
Verify that the new certificates are installed into Certificate Management.
From the remote controller platform, double-click on Certificate Management and verify that the certificates were installed:
- The new server certificate appears in the User Key Store.
- The new root CA certificate appears in the User Trust Store. This is a copy of the root CA certificate exported with its public key.
From the
- Confirm that the new root CA certificate created by this instance of the
- Notice that the root CA certificate was not imported into the User Trust Store of the
To do this within Certificate Management: Click Import, locate and select the new root CA certificate in
~certManagement, and click OK.
Verify that the TLS level for each of the following is set to TLSv1.2:
NOTE: TLSv1.0 and TLSv1.1 are still supported for backwards compatibility, but it is recommended to use TLSv1.2 and higher.
- Platform TLS Settings — Using Platform Administration, view the Change TLS Settings option and verify the Protocol value.
- Station Web Service — In a station connection open a Property Sheet view on the Web Service and verify the Https Min Protocol property value.
- Station Fox Service — Open a Property Sheet view on the Fox Service and verify the Foxs Min Protocol property value.
Additional recommendations
If you are currently reading the Niagara Platform Guide, typically, you need to select the appropriate Server Certificate for use in secure platform and station connections.
- Set the new server certificate to be used for secure platform (niagarad) communications.
- Set the new Server Certificate to be used for secure station communications via Fox and Web Services.
For details, refer to the Niagara Station Security Guide.