
Setting Up Encrypted Communication

Tip

Communication between the CODESYS Automation Server and the Edge Gateway is always encrypted.

Tip

For more information on security and the CODESYS Automation Server, see: Security for the CODESYS Automation Server

You can set up encrypted communication between an Edge Gateway and a PLC directly in the CODESYS Automation Server.

Requirements:

  • The Edge Gateway is running and is connected to the CODESYS Automation Server.

  • The PLC is running below this Edge Gateway.

  1. Open the List View view in the CODESYS Automation Server and click the desired PLC in the PLC list.

    The PLC Details view opens.

  2. Open the Configuration tab.

  3. Click the Test Encrypted Connection button.

    The Test Encrypted Connection dialog opens and shows whether an encrypted connection between the Edge Gateway and the PLC is possible:

    Error symbol (cas_icon_log_error.png): An encrypted connection cannot be established between the Edge Gateway and the PLC.

    Green OK symbol (cas_icon_ok_green.png): An encrypted connection can be established between the Edge Gateway and the PLC.

    The following is required for an encrypted connection to be possible:

    The PLC has a certificate for encrypted communication.

    The certificate is also located in the "Trusted" folder of the Edge Gateway.

  4. If an encrypted connection is possible, enable the Encrypted communication option and then click the Save Configuration button.

    Communication between the Edge Gateway and the PLC is now encrypted. No additional steps are required.

  5. If an encrypted connection between the Edge Gateway and the PLC is not possible, then perform the following steps:

  6. In order for communication to be encrypted between the Edge Gateway and the PLC, the Edge Gateway must trust the certificate with the "Encrypted Communication" use case of the PLC.

    If the certificate of the PLC with the "Encrypted Communication" use case is signed by a CA (Certificate Authority), then the CA certificate can also be copied to the Edge Gateway instead of the certificate of the PLC.

    In the following steps, the Quick Setup command is used to copy the certificate with the "Encrypted Communication" use case of the PLC to the Edge Gateway. Alternatively, the certificate could also be copied manually.

  7. Click the Quick Setup button.

    The Encrypted Communication Quick Setup dialog opens and displays the PLCs which are currently connected to the CODESYS Automation Server and running.

  8. Click the Prepare Certificates button.

    The PLC searches for a certificate for encrypted communication. If no corresponding valid certificate is found, then a new certificate is generated. The qualified valid certificate is then copied to the Edge Gateway and entered in the table. The green OK symbol (cas_icon_ok_green.png) is now displayed in the Status field.

  9. In this dialog, select the certificate and click the Enable Encrypted Communication button.

    The certificate is copied from the PLC to the connected Edge Gateway and encrypted communication is then enabled.

  10. If you want to view the certificate, then you can click the download symbol (cas_icon_download.png) to download the certificate to the download folder of your computer.

For more information, see: Encrypted Communication Quick Setup
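
For the manual copy mentioned in the procedure, one way to confirm that the PLC certificate really is in the "Trusted" folder of the Edge Gateway is to compare SHA-256 fingerprints of the DER encoding, so that a PEM copy still matches a DER export. This is an added example, not CODESYS code: the folder and file paths are hypothetical, the sample bytes are constructed stand-ins for certificates, and it covers only the case where the PLC certificate itself (not a CA certificate) is trusted.

```python
import hashlib
import ssl
import tempfile
from pathlib import Path

PEM_HEADER = b"-----BEGIN CERTIFICATE-----"

def load_cert_der(path):
    """Return the DER bytes of a single-certificate file stored as PEM or raw DER."""
    raw = Path(path).read_bytes()
    if PEM_HEADER in raw:
        # Raises ValueError if the PEM armour or the base64 body is malformed.
        return ssl.PEM_cert_to_DER_cert(raw.decode("ascii").strip())
    return raw

def fingerprint(der):
    """SHA-256 over the DER encoding, independent of how the file was stored."""
    return hashlib.sha256(der).hexdigest()

def find_in_trusted(plc_cert, trusted_dir):
    """Return the names of files in trusted_dir that hold the same certificate."""
    want = fingerprint(load_cert_der(plc_cert))
    matches = []
    for entry in sorted(Path(trusted_dir).iterdir()):
        if not entry.is_file():
            continue
        try:
            if fingerprint(load_cert_der(entry)) == want:
                matches.append(entry.name)
        except ValueError:
            continue  # malformed or non-ASCII PEM file: cannot be a match
    return matches

def demo():
    # Constructed stand-in bytes, not real certificates.
    plc_der = b"\x30\x82" + b"constructed-plc-cert" * 4
    other_der = b"\x30\x82" + b"constructed-other-cert" * 4
    with tempfile.TemporaryDirectory() as tmp:
        trusted = Path(tmp) / "trusted"      # hypothetical folder location
        trusted.mkdir()
        plc_file = Path(tmp) / "plc_cert.der"  # hypothetical export of the PLC certificate
        plc_file.write_bytes(plc_der)
        (trusted / "plc.pem").write_text(ssl.DER_cert_to_PEM_cert(plc_der))
        (trusted / "other.cer").write_bytes(other_der)
        (trusted / "broken.pem").write_text("-----BEGIN CERTIFICATE-----\ntruncated")
        return find_in_trusted(plc_file, trusted)

if __name__ == "__main__":
    print(demo())
```

An empty result means the Edge Gateway folder does not contain the certificate you exported, even if a file with a similar name is present.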