Importing the certificate

As soon as you have received a certificate from an official certificate authority (CA), you can import it into your TwinCAT/BSD system. Alternatively, you can also use the self-signed certificate that you have created for test purposes.

Proceed as follows:

1. Replace the existing private key for nginx with your private key:

doas cp IPCDiagnostics.key /usr/local/etc/TwinCAT/3.1/Target/PrivateKeys/IPCDiagnostics.key

2. Replace the existing certificate for nginx with your certificate:

doas cp IPCDiagnostics.crt /usr/local/etc/TwinCAT/3.1/Target/Certificates/IPCDiagnostics.crt

3. Restart the nginx web server:

doas service nginx restart

4. The certificate is ready for use after restarting the service.

If you are not using a certificate from an official certificate authority (CA), your browser will display a security warning. You can configure your browser to accept the certificate automatically by importing the server certificate into your browser's certificate store. Further information on this can be found at: Self-signed certificates for https connection

As some browsers (e.g. Mozilla Firefox) use their own certificate stores, it may be necessary to import the certificate directly in the browser.