Configuration
4.20 Security and protection
TIM 1531 IRC
94
Operating Instructions, 02/2018, C79000-G8976-C468-02
4.20
Security and protection
4.20.1
Certificate manager
Assignment of certificates
If you use communication with authentication for the module, for example SSL/TLS for
secure transfer of e-mails, certificates are required. You need to import certificates of non-
Siemens communications partners into the STEP 7 project and download them to the
module with the configuration data:
1.
Import the certificates of the communications partners using the certificate manager in the
global security settings.
2.
Then assign the imported certificates to the module in the table below the local security
settings of the module.
For a description of the procedure, refer to the section Handling certificates (Page 94).
You will find further information in the STEP 7 information system.
4.20.2
Handling certificates
Certificate for authentication
If you have configured secure communication with authentication for the module, own
certificates and certificates of the communications partner will be required for communication
to take place.
All nodes of a STEP 7 project with enabled security functions are supplied with certificates.
The STEP 7 project is the certification authority.
For the secure transfer of e-mails via SSL/TLS and SSL certificate is created for the module.
It is visible in STEP 7 in "Global security settings > Certificate manager > Device
certificates".
The table "Device certificates" shows the issuer, validity, use of a certificate
(service/application) and the use of a key. You can call up further information about a
certificate by selecting the certificate in the table and selecting the shortcut menu "Show".
The table also shows all other certificates generated by STEP 7 and all imported certificates.
If the module communicates with non-Siemens partners when the security functions are
enabled, the relevant certificates of the communications partners must be exchanged. To do
this, follow the steps below:
1.
Importing third-party certificates from communications partners
⇒ Global security settings of the project (certificate manager)
2.
Assigning certificates locally
⇒ Local security settings of the module ("Certificate ma
nager" table)