Handling Certificates
To securely encrypt the data and the data exchange between the device and the software during the connection and configuration and to protect it from third parties, the device should use a trusted SSL certificate.
It may happen that certificates are not trusted. This is the case with new devices, among other things. An icon with an open lock 
next to the device name in the user interface indicates that a certificate is not trusted.
The following options are available:
- Use a trusted SSL certificate
Generate a trusted SSL certificate and install it on the device and in the web browser/operating system. You can find a description of this in the WAGO Cyber Security for PFC100/PFC200 Controller manual. The certificate handling described there also applies to other Linux-based products such as the WAGO Compact Controller 100 (Item no. 751-9402/xxx-xxx).
Then restart the application so that the new trusted SSL certificate is recognized.
- or - - Add exception for the certificate
At your own risk, add an exception for the untrusted SSL certificate.
Note: - In this case, it is not technically possible to ensure that communication will take place with the device you expect (man-in-the-middle attack possible).
- Only one exception can be added per device for an untrusted SSL certificate. Therefore, if you add a new exception for an untrusted SSL certificate, the previous certificate exception is overwritten.
- If a certificate exception that has already been added for a device is no longer displayed in WAGO Device Manager, this may be because a new, untrusted certificate has been detected, e.g., as a result of a network scan, connection setup or other HTTPS requests to the device. Even if the device with the new certificate has not yet been updated/added to the project, the outdated certificate is automatically removed as soon as the new one is recognized.
Add Exceptions for Certificates
Note: A trusted certificate or one that has been added as an exception is required to establish a connection with the device and for further configuration.
When you perform a network scan or connect to a device in the project, the device is checked to see if it has a trusted certificate. If no trusted certificate is found, a dialog opens automatically in which you can add a certificate exception.
- Click [Add] in the dialog.
- If you have closed the dialog box by mistake, you will still find the button for adding exceptions in the list of devices found:
View and Remove Exceptions for Certificates
- Open the options by clicking on the gear icon
. - Open the “Certificate Exceptions” tab.
- Select the certificate and click [Remove].
Tip: You can view the contents of a certificate regardless of its trusted status by connecting the device, opening the “Connection” view from the ribbon and clicking on [Show Certificate].