tia Viewer Core supports HTTP or HTTPS communication. It is not possible to have both at the same time.
Secure communication over HTTPS requires a certificate in stored as PKCS12 format. The certificate may be public or self-signed. The file typically stored permanently at host and therefore needs to be mapped into the container.
The following configuration must be made in container environmental variables or in YAML configuration file.
Parent | Parameter | Explanation |
|---|---|---|
|
| Key store format. Supported are PKCS12 and JKS supported. PKCS12 is preferred. |
|
| Location of the keystore |
|
| Password for the keystore |
|
| Alias for the certificate in the pkcs12 store |
|
|
|
| Info |
|---|
As communication is on port configured by |
Example
| Info |
|---|
This demonstrates how a self-signed certificate is created using The keystore file is named The store password in the keytool command is The parameters to be added into the command to start the container are given for |
Create a keystore with a self signed certificate or skip this step with existing certificate.
| Code Block | ||
|---|---|---|
| ||
keytool -genkeypair -alias kgs -storepass test1234 -keyalg RSA -keysize 2048 -storetype PKCS12 -keystore kgs.p12 -validity 3650 |
Edit the command to start the container
Map the file in the container:
| Code Block |
|---|
-v ./tiaviewer/kgs.p12:/application/kgs.p12 |
Add to environment variables:
| Code Block |
|---|
-e SERVER_SSL_KEYSTORETYPE:PKCS12 -e SERVER_SSL_KEYSTORE:/application/kgs.p12 -e SERVER.SSL.KEYSTORE-PASSWORD:test1234 -e SERVER_SSL_KEYALIAS:kgs -e SERVER_SSL_ENABLED:true |