Skip to content

Using custom certificates in Industrial Edge Devices

During the onboarding process of an Industrial Edge Device (IED), a certificate is automatically generated for the device's specific IP address. To secure communication between the browser and the Industrial Edge Device (IED), the user must import the generated certificate into the trust store of the operating system or browser. To avoid this manual step, you can import a certificate signed by either a private Enterprise Root CAs (CA) or a public CA. You can import the certificates and the private key via the IED UI:

1. Prepare the certificates

Obtain the necessary certificates from your issuing authority. Ensure both the private key and the public certificate are in the correct format:

  • Certificate: The certificate should be in PEM format with a .crt file extension.
  • Key: The private key must be PEM formatted as well, with a .key file extension, utilizing the RSA algorithm.

2. Access device settings

Navigate to Settings > System, locate the "Import Edge Device Certificate" option.

3. Upload the certificate and key

Proceed to upload the certificate and key to your device.

Optional: If you are utilizing a DNS-based setup, select the checkbox provided, and input the DNS name of the device. This configuration allows connectivity to be established using the DNS name.