Configuring with the WBM
7.3 The menu items of the WBM
SIMATIC RF185C, RF186C, RF188C, RF186CI, RF188CI
Operating Instructions, 04/2020, C79000-G8976-C512-03
91
OPC UA certificates
In the "OPC UA certificates" area you can view existing certificates, import new certificates,
accept client certificates that have not been accepted yet, and create certificate signing
requests.
All certificates must meet the requirements of the standard "X.509" and contain the
extensions required by OPC UA (e.g. "Alternative applicant"). For detailed information, see
the OPC UA specifications.
Table 7- 18 Description of the parameters
Parameter
Description
Certificate type
Selection of the certificate type
Select the required certificate type from the drop-down list and click on the
"Update" button to display the certificates matching the selected certificate
type.
•
Server certificates
OPC UA server certificate of the communication module
•
Client certificates
OPC UA client certificates of the communication partner of the communica-
tion module.
•
CA certificates
Root certificates from certification authorities. Certification authorities are
organizations that issue signed certificates that were derived from their cer-
tificates for network participants. This means the CA certificates are root
certificates for the client certificates. Client certificates for which a valid CA
certificate exists are automatically accepted during connection setup.
•
Issuer certificates
Root certificates from certification authorities. Unlike CA certificates, client
certificates derived from issuer certificates must still be accepted and per-
mitted by an administrator with the "Accept" button.
Note that the selection of the certificate type has an effect on the display of the
subsequent parameters.
Certificates
List of all existing certificates
The certificates included in this list with a black background are considered as
trustworthy by the communication module. To display details of a certificate,
select the required certificate in the list. The selected certificate field is high-
lighted in color.
Certificates displayed in red are not classified as trustworthy. A client using
such a certificate cannot establish a connection to the OPC UA partner. These
certificates must still be accepted and permitted by an administrator with the
"Accept" button. Certificates displayed in black have already been accepted
and are classified as trustworthy.
Depending on the selected certificate type, you can delete existing certificates.
To do so, select the desired certificate in the list and click on the "Delete" but-
ton.