Your system is less secure if, instead of implementing
signed server certificates, you accept self-signed certificates. If,
after acceptance, the self-signed certificate’s public key
changes, the system negates the certificate, changes the green shield
icon on the Allowed Hosts tab to a yellow icon
with an exclamation mark (
), and denies access, causing an error.
You are working in Workbench and are connected to the appropriate station.
If you trust the new key, follow this procedure to accept
the changed certificate. If you suspect something is wrong, investigate
further. Do not accept a self-signed certificate with a new public
key unless you are confident that it is secure. Better yet, stop using
self-signed certificates and implement signed certificates, which
provide server authentication as well as encryption.- To access an Allowed Hosts tab do
one of the following:
- To access the Workbench Allowed Hosts list, click , and click the Allowed Hosts tab.
- To access the platform/station Allowed Hosts list, expand Platform and double-click Certificate Management in the Nav tree. Then, click the Allowed Hosts tab.
- You may also access the platform/station stores by expanding and double-clicking CertManagerService in the Nav tree.
The tab opens.
- To confirm that the public key changed, select the certificate
row in the table and click View.
The certificate opens in the
Detected Public
Key Change window.
The screen captures show an example certificate
after scrolling down to the mid-scroll and end-scroll regions.
- Confirm at least the Issued By and Subject properties.
The two names should be names you recognize as belonging to
your company.
- Accept the self-signed certificate with the new public
key, click Accept.
The certificate icon changes to a green shield with a
check mark.