SSL setup on Ignition 8.0.12 for Large organisation

I am in the process of setting up SSL on the gateway using the Ignition Web Server configuration page. I have got through all the steps, and it looks like that part was successful on the gateway webpage, see the screenshot below.

However when I tested using the vision client, I got the message: “SSL certificate not found”.

And when I forced the client migrate from http connection to https connection I got an error which looked like the issue was with Java verifying the certificate, see the next screenshot.

I was able to get some success following these steps: Designer Launcher SSL - #2 by jcoffman

I placed the root certificate on my local computer under: .ignition\clientlauncher-data\certificates and it accepted the ssl certificate in the java ignition vision client. At the moment it seems like the certificate is signed by a CA that isn’t included in Java’s default keystore. However I don’t think it is viable to do this for all onsite users, so we need to look for a better solution. (I don’t have remote access to every pc on site that runs the client)

Is there a way this could be done on the gateway or is it a problem with how the certificate was created?

There isn’t really a way to do this on the gateway unless you create a CSR and submit that to a CA trusted by java by default.

However, in 8.0.13, the launchers support adding certificates within the GUI itself, not requiring that you drop the certificates into the directory. When you attempt to launch a client the certificate will be displayed giving the user the chance to trust it.

Hope that helps,
Jonathan C