Managing BACnet/SC Certificates

  1. Create a “Controller” entity in the tree structure.
  2. Click the “TAGS” tab.
  3. Select the BACnet/SC tag.
  4. The selected tag is assigned to the “Controller” entity.
  5. Click the “Application” menu item in the “Solutions” menu.
  6. Click [Select File].
  7. Upload the preconfigured application template.
  8. Select a created “Controller” entity in the tree structure.
  9. Drag and drop the Application template onto the created “Controller” entity.
  10. The Application template is assigned to the “Controller” entity.
  11. In the “Solutions” menu, click the “Configuration” menu item.
  12. Select a created “Controller” entity in the tree structure.
  13. Click the “CONTROLLER” tab.
  14. Open “Controller Details” > “Device Details.”
  15. Edit the input fields for the selected controller.
  16. Click .
  17. Open “Controller Details” > “WBM.”

  18. Note

    Configuration for “WBM” only available if input fields are edited under “Device Details”!

    The following settings for “WBM” require you to have filled in all the input fields under “Device Details” and saved the settings you have made. If you have not, the settings for “WBM” are not available and are not displayed!

  19. Click .
  20. The device model is reloaded, and all linked device instances are updated.
  21. Open “Controller Settings” > [...] > “BACnet Service.”
  22. Check the “Service Active” box.
  23. Select the sc setting in the “Communication Mode” field.

    24.  

  24. Open “Controller Settings” > [...] > “BACnet/SC” and then create a BACnet/SC hub.
  25. Select the Primary Hub setting under “BACnet/SC Mode.”
  26. Enter port number 47808 in the “TCP Port” field.
  27. Enter the corresponding URI in the “Primary Hub URI” input field.
    The entry must have the following structure: wss://XXX.XXX.XXX.XXX:YYYYY.
    Example: If the hub is to be reached at IP address 192.168.178.19 and port 47809 is selected for communication, the entry should be as follows: wss://192.168.178.19:47808.
  28. Enter the corresponding URI in the “Failover Hub URI” input field.
    The entry must have the following structure: wss://XXX.XXX.XXX.XXX:YYYYY.
    Example: If the hub is to be reached at IP address 192.168.178.19 and port 47809 is selected for communication, the entry should be as follows: wss://192.168.178.19:47808.

    29.  

  29. Click [Save].
  30. Repeat the steps for the second controller (Controller 2). Configure it as a BACnet/SC node.
  31. Select the “Property” entity in the tree structure.
  32. Click the “CERTIFICATES” tab.
  33. Click [+] to create a new certificate.
  34. The “Generate New Certificate” dialog opens.
  35. Select Certificate Authority from the “Role” drop-down menu.
  36. Enter the country name in the “Country (C)” field.
  37. The form’s remaining input fields are filled in automatically.
  38. Click [Generate].
  39. WAGO Solution Builder generates a private key and CA security certificate for itself. These can then be used to sign device certificates.
  40. Click [Update].
  41. The “Renew Certificate Authority and Subcertificates” dialog opens.
  42. Select All from the “Subcertificates Expire within” drop-down menu.
  43. Select the BACnet/SC certificate from the “Role of New or Renewed Certificates” drop-down menu.
  44. Click [Renew].
  45. Create a new node in the tree structure.
  46. Rename this node “WBC.”
  47. Click the “CONNECTION” tab.
  48. Enter the IP address of your PC in the “Device Address” field.
  49. The certificate is stored under the IP address you enter.

  50. Note

    Only use the IP address of the PC!

    Only enter the IP address of your PC so WAGO BACnet-Konfigurator and all other WAGO software components in your network can also access the certificate you have created. Alternatively, you can also enter the domain name “localhost.”

  51. Click the “CERTIFICATES” tab.
  52. Click [+] to create a new certificate.
  53. The “Generate New Certificate” dialog opens.
  54. Create a “BACnet/SC certificate” as in the previous steps.
  55. Select a created “Controller” entity in the tree structure.
  56. Click the “CERTIFICATES” tab.
  57. The table view now contains four entries.
  58. Select the entry of type KEY.
  59. Click [Export].
  60. Repeat both steps for the entries of type CRT and CA.
  61. The generic security certificate is exported and is now ready to be uploaded to WAGO BACnet-Konfigurator (see Configuration in WAGO BACnet Configurator).
  62. Click “Network” in the “Solutions” menu.
  63. Click [Merge Detailed].
  64. The “Synchronize Differences” dialog opens.
  65. Check whether the “Certificates (BACnet)” entry can be found in the table view and can be synchronized.
  66. Click [Synchronize].
  67. WAGO Solution Builder starts the process of synchronization with the Web-Based Management.
8 
8 8 8 8 8 8 8 8 8 8 8