Configuring secure platform communication
Platform and station security are independent of one another. The system defaults to enabling secure communication for both
platform and station. Configuring a platform (Niagarad) for secure communication (platformtls) involves confirming the port,
selecting the signed server certificate to use, and, if required, restricting the TLS protocol version.
A station's window into the platform-resident secure communication features is just like any other Platform Service under the station's Platform Administration node in the Nav tree. This means that anything configured for a platform is independent of whatever station is running. Follow
this procedure for the Supervisor and all remote controller platforms.
Perform the following steps:
- Double-click Platform, double-click Platform Administration and click Change TLS Settings.
The Platform TLS Settings window opens.
Default settings are:
State:TLS only. This can be changed on the controller toEnableorDisable.- Daemon HTTPS
Port:5011Certificate:tridium. If you are using a separate certificate for verifying niagarad communication, this is where you select the certificate which is already imported into the Certificate Management User Trust Store. Protocol:TLSv1.0+. This can be set to another version via the dropdown list or set during the certificate generation process.
- Configure the properties as needed and click Save.