Enable SSL for the Supervisor and JACE stations

This topic explains how to enable SSL and how to turn on security for NiagaraAX Web Service (Https) and Fox Service (Foxs).

Enable the Web Service connection

  1. Connect to the station.

  2. Expand the station’s Config > Services node in the Nav tree and double-click Web Service.

    The Web Service properties appear.



  3. Set Https Enabled to true.

    Ideally, you want to set Http Enabled to false (that is, you want to turn off Http completely) and Https Enabled to true, but sometimes this configuration is not practical. If you are implementing SSL security in an existing system, you may have many pointers to the old Http port number. Between the highlighted properties above is Https Only. If this property is set to true, and an attempt is made to connect using Http, NiagaraAX redirects the connection to the secure SSL connection (Https). This saves having to manually change each occurrence of the Http port. For more information, see Web Service configuration properties.

    Https Min Protocol is already set to SSL and TLS.

    Leave Https Cert configured to use the default tridium certificate until you have a signed certificate to use here.

  4. Click Save.

Confirm the Fox Service connection

The Fox Service's Foxs Enabled property is automatically set to true when you enable the Web Service Https feature. This procedure verifies that Foxs is enabled in the Fox Service.

Note: If a station is configured for Https, it must also be configured for Foxs. If either setting is disabled while the other is enabled, an error message appears at login.

  1. Under the station, expand the Config > Drivers node in the Nav tree, right-click Niagara Network, click Views > Property Sheet, and expand the Fox Service properties.

    The NiagaraNetwork properties contain the Fox Service properties.



  2. Notice that Foxs Enabled is already set to true.

    If you enabled Https in the Web Service, the system automatically enabled Foxs in the Fox Service; there’s nothing to change here.

    Ideally, you want to set Fox Enabled to false (that is, you want to turn off Fox completely) and Foxs Enabled to true, but sometimes this configuration is not practical. If you are implementing SSL security in an existing system, you may have many pointers to the old Fox port number. Between the highlighted properties above is Foxs Only. If this property is set to true, and an attempt is made to connect using Fox, NiagaraAX redirects the connection to the secure SSL connection (Foxs). This saves having to manually change each occurrence of the Fox port. For more information, see Fox Service configuration properties.

  3. Notice that the Foxs Cert field selects the same default tridium certificate that was used for the platform.

    Even though this default name is the same for each JACE, this server certificate is unique to this platform (and station).

    If you choose to use a different certificate for your Fox Service from that used with your Web Service, this is where you would specify it.

Enable NiagaraNetwork

  1. Right-click the Drivers node in the Config folder and click Views > Property Sheet.

  2. Expand the NiagaraNetwork property.



  3. Confirm that Enabled is set to true.

Set up client/server relationships

At any given time, the Supervisor station may be the client of the JACE station and vice versa. This procedure confirms that a client for the Supervisor station exists in the JACE station and a client for the JACE station exists in the Supervisor.

  1. Expand the Drivers > NiagaraNetwork node in the Supervisor Nav tree. It should contain a node for the JACE station.



  2. Expand the Drivers > NiagaraNetwork node in the JACE Nav tree. It should contain a node for the Supervisor station.

Enable clients and configure them for the correct port

  1. If it is not already open, double-click the NiagaraNetwork node in the Nav tree of both the Supervisor and the JACE stations.

    The Station Manager view opens.

  2. Double-click the client station under the client in the Database pane.

    For the Supervisor station, this is the JACE station as client; and for the JACE station, this is the Supervisor station as client.

  3. For each client, confirm that the Fox Port is set to 4911, and that Use Foxs is set to true.

Temporarily approve the self-signed certificates

  1. For each client, click Tools > Certificate Management.

  2. Click the Allowed Hosts tab.

  3. Select the default self-signed certificate and click Approve.

    When certificate configuration is complete, you should delete this approval from the Allowed Hosts list for each station. Approving an unrecognized host limits the effectiveness of SSL security and should not be done unless you know for sure that the host is trustworthy.
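One way to confirm that a host is trustworthy before clicking Approve, shown as an added example that is not part of the NiagaraAX documentation: fetch the certificate the station presents on the Foxs port and compare its fingerprint with one read at the station itself. The function names, the script name and the default digest algorithm are assumptions, as is the premise that Foxs begins the TLS handshake directly on port 4911.

```python
import hashlib
import socket
import ssl
import sys

FOXS_PORT = 4911  # Foxs port used in the procedure above


def fingerprint(der_cert: bytes, algo: str = "sha256") -> str:
    """Colon-separated hex digest of a DER certificate.

    Assumption: pass the digest algorithm your certificate view displays.
    """
    digest = hashlib.new(algo, der_cert).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def normalize(fp: str) -> str:
    """Drop separators and case so a fingerprint copied by hand compares cleanly."""
    return "".join(c for c in fp if c.isalnum()).upper()


def matches(der_cert: bytes, expected_fp: str, algo: str = "sha256") -> bool:
    """True only if the certificate hashes to the fingerprint recorded out of band."""
    return normalize(fingerprint(der_cert, algo)) == normalize(expected_fp)


def fetch_cert(host: str, port: int = FOXS_PORT, timeout: float = 5.0) -> bytes:
    """Return the DER certificate the station presents, without trusting it.

    Chain validation is off on purpose: the certificate is self-signed and is
    judged by fingerprint instead. Assumes TLS starts directly on connect.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert(binary_form=True)


if __name__ == "__main__":
    # Usage: python check_foxs_cert.py <station-host> <expected-fingerprint>
    if len(sys.argv) != 3:
        sys.exit("usage: check_foxs_cert.py <station-host> <expected-fingerprint>")
    ok = matches(fetch_cert(sys.argv[1]), sys.argv[2])
    print("fingerprint matches" if ok else "MISMATCH: do not approve")
    sys.exit(0 if ok else 1)
```

A handshake error from an older station can mean that the local TLS library refuses the legacy protocol versions the station offers, which is separate from a fingerprint mismatch.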