Client/server relationships

Client/server relationships identify the connections that require protection.Workbench client/server relationships vary depending on how you configure and use a system.

Workbench is always a client. A platform is always a server. A station may be a client and a server.

Figure 1. Relationships

The system protocols that manage communications between these entities are:

  • Platform connections from Workbench (client) to controller or Supervisor PC platform daemon (server) use niagarad. A secure platform connection is sometimes referred to as platformtls. You enable platformtls using the Platform Administration view.

  • Local station connections (Supervisor and platform) use Foxs. You enable these connections in a station’s FoxService (Config > Services > FoxService).

  • Browser connections use Https, as well as Foxs if you are using Web Launcher with a WbWebProfile. You enable these connections using the station’s WebService (Config > Services > WebService).

  • Client connections to the station’s email server, if applicable. You enable secure email using the station’s EmailService (Config > Services > EmailService).

These relationships determine an entity’s certificate requirements. For example, a station requires a signed server certificate, which it uses when it functions as a server, and a copy of the root CA certificate, which it uses when it functions as a client. Setting up digital certificates for identity verification involves creating separate certificates to verify the identity of each server. Each server’s unique certificate, signed by a CA (Certificate Authority), resides in its User Key Store. Each client requires the root CA certificate used to sign each server certificate. The root CA certificate resides in the platform/station System or User Trust Store.