Protect the connection between the web server of the controller and the visualization client with the following measures against unwanted access:
-
Configure an HTTPS connection (encryption with SSL/TSL) between the visualization client and the web server.
-
Restrict access to the visualization and configure a visualization user management.
Configure an encrypted connection.
An HTTPS connection between the web server and the visualization client requires authentication of the web server by means of a certificate. You can create a self-signed certificate in the “Security Screen”.
-
Click “View Security Screen”.
-
Create a certificate for the web server on your controller.
The certificate data for the web server is displayed.
-
Stop your controller.
-
Restart the controller.
The new certificate is active.
-
Download your application to the controller.
-
Open your browser and specify the URL address of your web server.
The URL of a secure connection corresponds to the following format:
https:// <IP address/URL> :443/ <name of HTM file> .htm.The HTML file name has to match the configured name as it is set in the “Visualization Manager” object below the WebVisu variant. You will find the IP address of the controller in the device editor when the a connection is active.
Example:
https://localhost:443/webvisu.htmThe browser establishes a connection. If the certificate is not rated as trusted, then a security notice appears.
-
Confirm that you know the risk and want to proceed.
You have created self-signed certificate and confirmed it as trusted.
Now start the web application with the visualization. The lock symbol in the browser indicates secure communication.
See the chapter "Run as CODESYS WebVisu", which describes in detail how you use certificates in the security screen.