Before you connect ClearSCADA to Wonderware Historian Online, you need to enter a security token in ClearSCADA (see Exporting Historical Data to Wonderware Historian Online and see Set Token). This allows you to encrypt the communications between the two.
You can only use the security token on the computer that you used to generate it. Therefore, if your ClearSCADA system has a Hot Standby configuration, you will also need to use a certificate so that the security token can be shared by more than one computer. You will need to do this on the Hot-Standby servers in your system.
There are two types of certificate that you can use:
- Trusted Authority certificate—You need to purchase such a certificate from a certification authority, such as VeriSign, GlobalSign, DigiCert, GoDaddy, and StartCom. We strongly recommend that you use trusted certificates with ClearSCADA.
- Non-trusted self-signed certificate—A non-trusted certificate does not provide authentication. The client cannot tell if the certificate is legitimate. NOTICE
SECURITY RISK
Using a non-trusted certificate could compromise your system security. Installing a non-trusted certificate could compromise your system security. Potentially, it could lead to unauthorized access. For this reason, we strongly recommend that you use a trusted certificate.Failure to follow these instructions can result in compromised security leading to data loss.
Before you can use the certificate, you need to contact Wonderware Historian Online Support and register the public certificate with them. You then need to install the certificate into the local machine certificate store.
To use a certificate, follow this procedure:
- Open Windows Certificate Manager for the local machine. To do this:
- In Windows 7 and Windows Server 2008 R2, click the Windows Start button, type mmc.exe in the search box, then press Enter. In the Microsoft Management Console, select File, click Add/Remove Snap-in, select Certificates, click the Add> button, select Computer account, click the Next button, select Local computer, click the Finish button, then click the OK button.
- In Windows 8 and Windows Server 2012, click the Windows Start button, type certlm.msc in the search box, then press Enter.
- Import the certificate (see the Windows Help).
- Open the certificate by double-clicking it.
- Click the Details tab.
- Scroll down the Details list until you find the Thumbprint field.
- Click on the Thumbprint field and copy the Thumbprint value to the clipboard. The value is padded with spaces.You need to remove these spaces.
NOTE: For more information about using Windows Certificate Manager, see the Windows Help.
- Paste the Thumbprint value into the PublisherThumbprint attribute in the aahCloudConfigurator.exe.config file. By default, you can find this file in the folder C:\Program Files\Schneider Electric\ClearSCADA.
Example:
The example below shows the Publisher Thumbprint attribute populated:
If you do not want to use a certificate, set the Publisher Thumbprint attribute to blank (see below):
Further Information
Generate a Security Token with Wonderware Historian Publisher