×

Have You Seen Webspace Lately? Click here to check out all the new features in the latest version.

Supercharge your GE solution! Download a free trial of Proficy Operations Hub, CSense analytics, and more. Learn more about the Proficy 2023 releases, by signing up for one of our upcoming events.

Webspace Products Documentation

Important Product Information
Introduction
Configuration
- Configuration Overview - Webspace
- Installing Webspace
- Configuration Guidelines
- Apache Configuration Still Supported in Webspace Upgrades
  This topic describes how to configure SSL when the Apache HTTP Server 2.4 (httpd-2.4.29-Win64-VC15) web service is installed on the Webspace Server, which was a configuration supported in earlier versions of Proficy Webspace. You can continue to use this older configuration or upgrade to the new one; Webspace now has its own web server. The newer version of Webspace (version 6.2 and greater) does not require the use of either Apache or IIS.
- Certificates
- Self-Signed Certificates
  - Creating Your Own Certificate Authority
  - Using SSL Transport in Webspace
- Creating Mapped Drives on the Webspace Server
- Configuring Multiple Input Locales
- Running the Webspace Admin Console
- Adding Applications to the Webspace Admin Console
- Secure Deployment and Whitelisting
  We strongly advise you to follow recommended practices with respect to network cybersecurity. For example, our products should be placed within a protected electronic security boundary, such as behind a properly configured firewall, and monitored by a properly tuned Intrusion Detection System (IDS) or an Intrusion Prevention System (IPS). Industrial Control System products should NOT be connected to the business network or directly to the Internet. (VPN is an example of a countermeasure that can be deployed.)
- Optimizing Webspace Server Performance
Administration
Optional Web Session Properties
Deploying and Running Sessions
Advanced Topics
Reference
Glossary

Creating Your Own Certificate Authority

Sites with many Webspace hosts can create their own certificate authority, then sign each server’s certificate from this authority and install the certificate authority certificates onto each client. This will prevent any warnings about untrusted authorities, without requiring the site to obtain a third-party certificate for each server.

There are many third-party applications and systems to assist in the creation and maintenance of a certificate authority that interoperate with the OpenSSL toolkit. These tools should be able to generate signed server certificates for use with Webspace without modification.

A certificate authority is a virtual organization that will sign each of your server keys, allowing the client to assert that the server keys are authentic and have not been tampered with.

To establish the certificate authority, a CA key and self-signed certificate must be created. After the CA certificate and key are created, import the CA certificate on the client device via the Internet Options dialog. Finally, the server keys are signed using the CA certificate, which will allow the client machines to recognize the authenticity of the signatures and allow connections to the server without warning the user about the trustworthiness of the CA.

Note: Nine files are created during this process: ca.key, ca.csr, ca.crt, ca.cfg, ca.serial, server.cfg, server.key, server.crt, and server.csr.