As of firmware version 13.1s0, Flexy makes its OPC UA protocol compatible with certificates.
This allows the encryption and the authentication with certificates for the OPC UA server of the
This article will explain what happens when a CA expires, and the necessary steps to follow.
ISSUE / QUESTION / SYMPTOM
My CA certificate expired. What can I do to renew it?
POSSIBLE CAUSES / ANSWER
- For Ewon's own certificate: After it expires, the only thing to do is delete the certificate from the folder and then reboot, Ewon's own certificate will be created automatically. It is not necessary to wait for the expiration date, every time it is deleted and rebooted, it will create a new one.
- For the other OPC UA certificates: When their certificate is renewed, the certificate of the device itself will be exchanged. The user should mark it "trusted" from Ewon GUI. If the exchange doesn't happen, it is possible to upload the certificate manually via GUI, with the "+" button or via FTP to the folder: "/usr/pki/trusted/certs"
Each Ewon certificate that is auto generated in the device, has an expiry date of 5 years.
All CA are in the user folder, customer can create and add manually a CA and/or replace the one created by the Ewon Flexy.