2.5. Set up Relay/Dependent Server Secure Connection
- Trust the relay server from the dependent server.
- Copy the CIMPLICITY root certificate CimScadaConfigRootCA.crt
located at <installation_path>\Proficy\Proficy
CIMPLICITY\ScadaConfigPki from the relay server machine to the same
location on dependent server machine.Note: You must install CIMPLICITY server on Webspace dependent server to enable Webspace authentication. However, CIMPLICITY Viewer license would suffice.
- Copy the CIMPLICITY root certificate CimScadaConfigRootCA.crt
located at <installation_path>\Proficy\Proficy
CIMPLICITY\ScadaConfigPki from the relay server machine to the same
location on dependent server machine.
- Enter the Relay server and its admin credentials in the Dependent Server section of
CIMPLICITY Options to allow the Webspace Session Manager to trust CimView.
- Select the Dependant Server tab in the bottom section.
- In the Relay Server text box, enter the host name or fully qualified domain name of the relay server to which the dependent server will connect.
- Enter the user name and password set on the single/relay server in the Administrator Credentials section.
- Select the Test button. A success message appears if the dependent server is securely communicating with the relay server.
- Select Apply.
- Select Ok.
- Rename the root certificate copied from the relay server. Example: Rename to 'CIMSCadaConfigRootCA_2.crt'.
- Update the certificate path in the client-configuration section of
webspace-session-manager.json file located at
<installation_path>\Proficy\Proficy
CIMPLICITY\webspace-session-manager\webspace-session-manager.json
Example:
"client-configuration" :{ "register-timeout-seconds" : 5, "relay-server-reverse-proxy-port" : "9443", "root-ca-certificate" : "..\\ScadaConfigPki\\CimScadaConfigRootCA_2.crt", "wsm-admin-password" : "AD2tSYUmQJ3l++ToAVBfF6nrCTRaPmgUhS3odSauoW0=", "wsm-admin-user" : "admin", "wsm-client-socket-port" : "4958", "wsm-hostname" : "localhost" },