Selecting certificate parameters – Rockwell Automation 1756-HIST2G Historian ME 2.1 User Manual
Page 171
9 • M
ANAGING
S
ECURITY
161
4. Select a Secondary server (optional). Enter the IP address or host name of a
secondary server.
If the connection between the FactoryTalk Historian ME and the FactoryTalk
Directory server is lost or becomes unavailable, then the FactoryTalk Historian
ME will attempt to locate a secondary security server. This can be any other
system in the network. It is recommended that you use a system that is always up
and running to avoid possible failure at login.
The secondary server must have the same configuration as the FactoryTalk
Directory server, including the FactoryTalk Services Platform CPR 9 SR2, IIS,
and web services.
5. If you selected the HTTPS protocol, select Yes or No to verify certificate
parameters. If you select Yes, use the drop-down menus to set certificate
parameters.
6. When you have finished making changes to the security settings, click [Save].
Selecting Certificate Parameters
When using the HTTPS protocol, you must upload the proper Certificate Authority
(CA) files. Before you save Certificate Parameters, go to the Advanced tab and
upload the certificate files on the Upload Management page. Select the appropriate
certificate or security file type from the File Type drop-down menu.
Set related certificate parameters as follows:
Verify Certificate Issuer
Select No if you do not want to specify a CA.
Select Yes if you want to specify a CA, and then complete the rest of the
parameter fields.
CA Certificate - the certificate of authority. This is necessary for secure HTTP.
Sever Certificate - this file is a digital certificate that has been issued to a server
and contains information about the server.
Private Key - private key for the web server.
Password - encryption code for SSL. Enter a password whether you are using a
CA or not.
See the “FactoryTalk Security Prerequisites” section for additional configuration
information.