Configuration
4.17 Creating telecontrol connections for the ST7 communication
CP 1243-8 IRC
122
Operating Instructions, 02/2018, C79000-G8976-C385-03
Exporting certificates for applications of third-party vendors (e.g. logging server)
For communication with applications of third-party vendors, the third-party application
generally also requires the certificate of the CP.
You export the certificate of the CP for communications partners from third-party vendors in
much the same way as when importing (see above). Follow the steps outlined below:
1.
In the STEP 7 project open the global certificate manager:
Global security settings > Certificate manager
2.
Open the "Device certificates" tab.
3.
In the table select the row with the required certificate and select the shortcut menu
"Export".
4.
Save the certificate in the file system of the PC of the connected engineering station.
Now you can transfer the exported certificate of the CP to the system of the third-party
vendor.
Certificate for logging server
If you use a logging server in your system, export the SSL certificate for the authentication of
the CP on the server.
Change certificate: Subject Alternative Name
STEP 7 adopts the properties "DNS name", "IP address", and "URI" from the parameter
"Subject Alternative Name" (Windows: "Alternative applicant name") from the STEP 7
configuration data.
You can change this parameter of a certificate inn the certificate manager of the global
security settings. To do this, select the a certificate in the table of device certificates and call
the shortcut menu "Renew". Properties of the parameter "Alternative name of the certificate
owner" changed in STEP 7 are not adopted by the STEP 7 project.
4.17
Creating telecontrol connections for the ST7 communication
Single and redundant connections
For ST7 communication of a communication module, you need to create at least one
telecontrol connection in the "Network data" editor.
If two subscribers can be reached via different networks, to establish path redundancy for
modules with multiple ST7 capable interfaces you create a maximum of two connections
between the two subscribers. You specify redundant connections in the "Connection path"
table (see below).
Not all communication modules have serial interfaces or only one Ethernet port with ST7
capability. These modules cannot use redundant paths.