Root of Trust Secure Connection

Bedrock Automation has a "Root of Trust" system where a connection to their OPC-UA server is made without a username/password, but requires a special signed certificate. This certificate is only available from Bedrock, but Ignition allows you to create a Certificate Signing Request to take to them. This extra layer makes connecting to the OPC Server inside of the PLC very secure, for more information about Bedrock Automation PLCs and how these certificates work, contact Bedrock Automation.

How to Securely Connect to a Bedrock PLC

Once you have installed a copy of Ignition and purchase a Bedrock PLC, you can create your connection using the following steps.

  1. As of 7.9.0, Ignition can generate a Certificate Signing Request (CSR) to send to Bedrock. You can generate one in the Gateway Webpage. Go to the configure section and click on the link for the OPC-UA Server -> Certificates page. Click on the Import/Export tab.

    images/download/attachments/7079078/Certificates_Page.PNG

  2. Click on the 'Click here to export a CSR' link to generate the Certificate Signing Request file.

  3. Send that CSR file to Bedrock and they will generate a certificate for Ignition based on the public key in your PLC.

  4. Import the Signed Certificate in the same import page, using the 'Browse...'. button.

  5. Create an OPC-UA connection to the Bedrock PL