Certificates

Jump to Section

Certificates can be viewed under Settings. Certificates are used to encrypt and validate connections to other systems (Ex. connecting via TLS to and MQTT broker or OPC UA server). This section covers how to create and manage certificates.

Certificates are commonly used to secure communications and authenticate clients. An example is using certificates with the MQTT connector to send and receive data from AWS IoT Core. In this case, the self-signed certificate for AWS is used to secure the connection and AWS provides a public and private key to authenticate the hub. Use the steps in the preceding sections to import certificates into the hub and use them in connectors.

Add a Certificate

  1. Navigate to Certificates in the configuration’s Main Menu. Here you can add, edit, and view certificates. To add a certificate, click the New Certificate button.

NOTE: HighByte Intelligence Hub may automatically generate some certificates/keys on your behalf (e.g., app-certificate* are application instance specific certificates leveraged by OPC UA connections). You may set these named certificates to your own public/private keys based on your company’s internal IT policies.

  1. Enter an Alias to represent the new certificate.

  2. Insert the textual representation of the Public and/or Private keys. PKCS#1, #8, and #12 formats are supported.

    Use this field to import public certificates, often used to secure TLS/SSL and HTTPS connections. Open the certificate file in a text editor and copy all the text into this field. An example Public Key will be decorated with text that begins with -----BEGIN CERTIFICATE----- and ends with -----END CERTIFICATE-----. Copy all the text (including the BEGIN and END parts) into the field.

Private Key is used in addition to Public Key to import public/private key pairs into the hub. To do this, open the private key file in a text editor and copy all its contents into the Private Key field. It should start with -----BEGIN RSA PRIVATE KEY----- and end with -----END RSA PRIVATE KEY-----. Also, make sure you’ve included the public part of the key in Public Key.