Self signed SSL certs and designer in 8.3

Ignition
1

Trust cert not working in designer.

I have checked:

So I deleted my SelfSigned Cert, I had HTTPS redirect ON.

No I cannot login to my Gateway. The HTTP port works, but I cannot login. It does login, the login form succeeds, but there is no logged in user afterwards.

Now I am stuck.

I did

./gwcmd.sh -i
Gateway Name: Ignition-opcpod
Gateway Version: 8.3.0 (64-bit)
Web Server Status: RUNNING
Gateway Status: RUNNING
Http Port: 12088
Https Port: 12043

./gwcmd.sh -p
Password has been reset. Gateway needs to be restarted.

./gwcmd.sh -r
Waiting for Gateway restart.
Gateway needs to be commissioned

I got at http port 12088 :
This site can’t provide a secure connection

10.246.30.91 sent an invalid response.

ERR_SSL_PROTOCOL_ERROR

./gwcmd.sh --clearks
Error! java.lang.Exception: Unable to clear the SSL key store caused by java.lang.IllegalArgumentException: State is NO_CERTIFICATE

Screenshot From 2025-10-09 12-03-25
Screenshot From 2025-10-09 12-03-25858×660 27.3 KB

Screenshot From 2025-10-09 12-02-14
Screenshot From 2025-10-09 12-02-14858×660 23.5 KB

Screenshot From 2025-10-09 12-02-26
Screenshot From 2025-10-09 12-02-26858×660 35.5 KB

Screenshot From 2025-10-09 12-02-33
Screenshot From 2025-10-09 12-02-33858×660 24.5 KB

2

Edit $IGNITION/data/gateway.xml and disable gateway.forceSecureRedirect:

<entry key="gateway.forceSecureRedirect">false</entry>

then restart and try to access your Ignition Gateway. Make sure you include "http", not "https", in the URL you use.

3

Thanks, https in address bar was one error.

I changed the setting and did a restart. I do log in in GW Web and after log in, no user is logged in :frowning:

cat data/gateway.xml

<properties>
<comment>Context Settings</comment>
<entry key="gateway.publicAddress.httpPort"></entry>
<entry key="gateway.publicAddress.autoDetect">true</entry>
<entry key="gateway.publicAddress.httpsPort"></entry>
<entry key="gateway.forceSecureRedirect">false</entry>
<entry key="gateway.metroSSLPort">12060</entry>
<entry key="gateway.includedCipherSuites">[]</entry>
<entry key="localdb.autobackup.delay">60</entry>
<entry key="context.startup.useautobackups">true</entry>
<entry key="gateway.sslport">12043</entry>
<entry key="gateway.maxKeepAliveRequests">200</entry>
<entry key="context.props.version">3</entry>
<entry key="gateway.port">12088</entry>
<entry key="gateway.useProxyForwardedHeader">false</entry>
<entry key="localdb.autobackup.count">5</entry>
<entry key="gateway.maxThreads">300</entry>
<entry key="gateway.connectionTimeout">60000</entry>
<entry key="localdb.faultbackup.count">3</entry>
<entry key="gateway.resolveHostNames">false</entry>
<entry key="gateway.acceptCount">100</entry>
<entry key="gateway.keepAliveTimeout">60000</entry>
<entry key="gateway.excludedCipherSuites">[]</entry>
<entry key="gateway.publicAddress.address"></entry>
</properties>


./gwcmd.sh -r
Waiting for Gateway restart.
Gateway is now running
4

I have a perspective project which requires login. Login screen appears, I login, same admin user. And a login screen comes up. I click Continue to login again, and login screen comes up. It seems a user is logged in, as login form no longer comes up, but it goes back to Continue to login as the login does not work.

5

It looks like some Chrome security feature. I have another gateway on another port. I set seflsigned cert there. I did not Force Secure Redirect, which probable saves me posibility to use designer.

But I cannot login to gw via http, only via https. Which complains about security. And does not save my password.

6

OK, i had to delete site data in chrome. Nice.

1 Like