Renew the Expired Self-Signed Certificates on Plant Applications Standard Web Client

OpenSSL is by default installed and enabled in the Web Client installation box. Otherwise you will need to download and install from: https://slproweb.com/products/Win32OpenSSL.html.

About this task

Use this procedure to renew the expired self-certificates provided during the installation of the Standard Web Client.

Procedure

  1. Extract the attached ‘create-self-signed-certificate-win.zip’ file into the <Webclient_Installation_path> \SelfSignedSecrets\ folder.
  2. Copy the v3.ext and server.csr.cnf files from the \SelfSignedSecrets folder to the newly extracted folder and do the following:
    1. Ensure that below fields are not blank in v3.ext:
      • IP.2: Update the IP.2 address name to system IPv4 address.
      • DNS.2: Update the DNS.2 name to system fully qualified hostname.
      • DNS.3: Update the DNS.3 name to system short dns hostname.
    2. Ensure that below field is not blank in server.csr.cnf:
      • Commom Name (CN) to the system hostname/fqdn.
  3. On the Windows Start menu, right-click Command Prompt, and then click Run as administrator.
  4. In the Administrator: Command Prompt window, type the location of the newly extracted folder and press Enter.
  5. Launch the create-self-signed-certificate.bat file.
  6. Make a copy of the newly created rootCA.pem file and rename it to rootCA.crt.
  7. Double-click the rootCA.crt and install it on the local machine.
  8. Place it in the Trusted Root Certification Authorities folder during the install process.
  9. Make a copy of the server.crt and server.key files.
  10. Rename server.crt to public.pem and server.key to key.pem.
  11. From the desktop, open the Configuration Manager for Plant Applications Web Client tool.
  12. On the Certificate Configuration tab, browse the Certificate File to the public.pem file.
  13. Browse the Key File to the key.pem file.
  14. Use the Import option and wait until the status changes to “Configuration done”.
  15. Test the Web Client.
    Note:
    Ensure that the rootCA.crt file is copied on all the Client machines and installed in the Trusted Root Certification Authorities folder to establish trusted connection.