Certificates serve a variety of purposes depending on how the certificates’s Key Usage field is configured. To reduce complexity, NiagaraAX 3.7 and later arbitrarily manages these types of certificates:
A server certificate resides with its matching private key in the Key Store on the server (JACE or Supervisor). No password is required to use this certificate.
A CA certificate is used to sign other certificates. The private key requires the creation of a password on export and the provision of a password on import.
A root CA certificate exported with only its public key serves as a client certificate in the Workbench and station Trust Stores of each client.
Copyright © 2000-2016 Tridium Inc. All rights reserved.