×

It's time to move from Web HMI to Proficy Operations Hub! Visit the Operations Hub web page, download a free trial or check out the datasheet.

Home
GE HMI Server Configuration Manager
Create Self-Signed Certificates for Web HMI Clients
Use the GE HMI Server Configuration Manager to create self-signed digital certificates for Web HMI clients to use when establishing a trusted relationship with OPC UA endpoints.

Web HMI Products Documentation

GE HMI Server Configuration Manager
- GE HMI Server Configuration Manager
  The GE HMI Server Configuration Manager handles the connection configuration, certificate management, and logging settings required for Web HMI to successfully communicate with iFIX, Historian, and CIMPLICITY (OPC UA-enabled data source).
- Secure Connections to OPC UA Endpoints
  Use the GE HMI Server Configuration Manager to discover and configure CIMPLICITY OPC UA endpoints. An endpoint is the server found at the discovery URL (Uniform Resource Locator).
- Create Self-Signed Certificates for Web HMI Clients
  Use the GE HMI Server Configuration Manager to create self-signed digital certificates for Web HMI clients to use when establishing a trusted relationship with OPC UA endpoints.
- Use GDS Certificates for Web HMI Clients
  Use the GE HMI Server Configuration Manager to register with the Global Discovery Server (GDS) and use the certificates provided by GDS to establish a trusted relationship between Web HMI clients and OPC UA endpoints.
- Connect to Historian
  Use the GE HMI Server Configuration Manager to set up the Historian server credentials used by the Data Distributor to connect Web HMI to one or more Historian servers.
- Define Tracing and Logging
  Use the GE HMI Server Configuration Manager to configure the tracing and logging settings for the Alarm Gateway and Data Distributor.

Create Self-Signed Certificates for Web HMI Clients

Use the GE HMI Server Configuration Manager to create self-signed digital certificates for Web HMI clients to use when establishing a trusted relationship with OPC UA endpoints.

A new self-signed certificate generated by the GE HMI Server Configuration Manager overwrites the certificate you initially installed for the Web HMI client. Previously-configured OPC UA endpoints now require this new self-signed certificate. To reestablish this trust relationship, you must attempt to reconnect with the OPC UA server (using the Test button in the Server Credentials window). The OPC UA Server initially rejects the new client certificate (Bad Security Checks Failed). As a result, you must move the rejected client certificate in <project folder>\pki\rejected\ to <project folder>\pki\trusted\certs of the OPC UA server host machine.

In the GE HMI Server Configuration Manager, select the OPC UA Client tab.
To create self-signed certificates, select Enable Security.
The Task panel shows the status of this step. The new self-signed certificates are stored in ProgramData\Proficy\WebHMI\DataServices\pki\own\certs.