When I am Launching the ignition designer after configuring the SSL configuration with a self-signed certificate there seems to be some error after I trust the certificate
Am i missing some steps or…
Once you enable SSL you have to start accessing the Gateway via a URL with a hostname or IP address that is listed in the certificate. That usually means you can’t use “localhost” any more.
I have tried with the IP of my system but it seems I am arriving at the same result - Certificate is invalid
Can you share the certificate or its details? Does the hostname or IP appear in the Subject Alternative Names section of the certificate?
I’m not sure if that page ever shows the DNS/IP entires.
When you generated the certificate did you add your gateway’s hostname and IP while setting all the other details?
In case it isn't clear, the address (hostname or IP) you visit with your browser must be in the certificate, as the common name or in the list of subject alternative names. That is what tells the browser it is visiting a legit site. Your current cert will work (on port 443) if you add an entry to /etc/hosts for "ignition" pointing at your local IP. Then visit https://ignition/.
2 Likes
Using hostname as the common name was deprecated in 2000, please don’t do this. Use SAN
https://frasertweedale.github.io/blog-redhat/posts/2017-07-11-cn-deprecation.html