Using a self signed Certificate for SSL with Ignition 8 and Windows.

Sometimes you might want to run ignition on your internal network using SSL via the internal IP address. Real SSL certificates are usually only issued for fully qualified domain names. For this we can self sign a certificate, however web browsers will moan at you and make you go through hoops to connect, as they don’t trust self signed certificates.

In Ignition 8, Inductive Automation have made the process of self signing a certificate really easy and it can all be done from the gateway web page.

We’ll start from an already installed gateway.

Login and go to Config -> Webserver -> Setup SSL/TLS and click on I don’t have all the items above.

Fill in the the required fields:

For common name just use any domain.

Then you need to tick the box for Show Advanced Properties where you’ll then be able to click on Install Self-Signed Certificate.

Ignition will now generate certs and try to reload itself to the gateway web address but with port 8043 instead of 8088, so you might need to open port 8043 in your firewall.

After that is working, you can change the ports to port 80 for http and port 443 for https, remember to open these in your firewall. You might as well then tick the box to force redirect all http requests to https, this is done in Config -> Webserver:

You should now be able to access from just https://youripadress without the :8088 or :8043.

By Roy Westwood

I've been an Industrial Automation professional for over 20 years. I currently lead a team of Systems Engineers creating OEE and Data Management solutions for customers all over the world.

Leave a comment

Your email address will not be published. Required fields are marked *