Signing Service high-level types

The following section describes the key parts of the Signing Service.

Profiles

Profiles are where you define the alias and a unique or global certificate password of the CA certificate that will be used to sign all Certificate Signing Requests (CSRs) associated with that profile. In addition, you may define values for various certificate fields; these values are applied to the signed certificate and used to validate the corresponding fields in the CSR supplied by the remote station. Each profile also holds a Certificate Store where you may view the records of the CSRs associated with that profile, including the signed certificates.

Transports

With Transports, certificate requester components can communicate and onboard with the Signing Service. This includes the mechanism by which clients authenticate to use the Signing Service, and how CSRs are associated with the relevant profile.

Fox Signing Transport

This transport allows remote components to request a certificate from the Signing Service. To use this transport, the station on which the remote component is running will require an active Niagara network connection to the station that is hosting the Signing Service. Remote components must obtain a temporary session token for the purpose of onboarding, and each session token must be approved by an admin user who also designates a profile to service the request.

Local Signing Transport

This transport was added in Niagara 4.14 and allows components to utilize a Signing Service that exists on the same station. No session token is required with this transport.

Signing Requester

A component on the remote station that will submit the CSR to the transport.

Individual Signed Cert Config

A component that is dropped from the Signing Service palette onto certain specific components, such as the Fox Service, Web Service, or an Additional Https Cert. This enables the parent component to make requests for an individual signed certificate from a Signing Service (as of Niagara 4.14).

Combined Signed Cert Config

A component that is dropped from the Signing Service palette onto the station’s Security Service. This enables the service to request a signed certificate that may then be shared between any combination of the Fox Service, Web Service, Platform or all three (as of Niagara 4.14).