Self-signed certificates
A self-signed certificate is one that is signed by default using its own private key rather than by the private key of a root CA (Certificate Authority) certificate.
The system supports two types of self-signed certificates:
-
A root CA certificate is implicitly trusted because there is no higher authority than the CA (Certificate Authority) that owns this certificate. For this reason, CAs, whose business it is to endorse other people's certificates, closely guard their root CA certificate(s) and private keys. Likewise, if your company is serving as its own CA, you should closely guard the root CA certificate you use to sign other certificates.
-
A default, self-signed certificate: The first time you start an instance of Workbench, a platform or a station after installation (commissioning), the system creates a default, self-signed server certificate with the alias of tridium.
Since the Issuer DN (Distinguished Name) and Subject DN are the same, the certificate is said to be self-signed using its own 2048–bit, private key. The purpose of a self-signed certificate is to allow secure access to the platform and station before a trusted certificate tree with signed server certificates is established. Since a client cannot validate this type of certificate, it is not recommended for robust, long-term security.
When presented with a self-signed certificate, always confirm that it is the expected certificate before you manually approve its use. Once approved, you do not have to approve the certificate each time you make a connection to the server.
To minimize the risk of a man-in-the-middle attack when using self-signed certificates, all your platforms should be contained in a secure private network, off line, and without public access from the Internet.