Activating Client Certificates

Authentication via client certificates must be activated in the TwinCAT HMI server. You can make this setting directly in the configuration of the engineering server and use a project publish to transfer it to a server on the target system. Alternatively, you can make the setting as required directly on the target system at a server.

1. Open the configuration page of the TwinCAT HMI server.
   
   Engineering server:
   Open the "Server" node within the TwinCAT HMI project in Visual Studio. Then open the "Extensions" node and double-click on the "TcHmiSrv" entry:
   
   
   
   Server on the target system (TF2000 HMI Server):
   Right-click on the SysTray icon of the TwinCAT HMI server:
   
   
   Open the configuration page via the context menu by clicking on the entry "Config":
   
2. On the configuration page, click on the entry "TcHmiSrv" (1) and then go to the "Security" tab (2). There you will find the entry "Only client certificates allowed to authenticate" (3).
   
3. Enable authentication using client certificates by setting the option to "true" (3). Confirm the action with the button "Accept" (4).
4. Authentication using client certificates is active. If you have made the setting on the engineering server, you can transfer the project to a server on the target system.
5. The client certificates must be installed in the clients that are to gain access to the system.