When I log into WebView / EasyWeb I see a scary warning telling me the connection is not secure because it is using a Self-signed certificate. Is it safe to proceed?

Tags: FAQNetworkingIIoTSecurity

When I log into WebView / EasyWeb I see a scary warning telling me the connection is not secure because it is using a Self-signed certificate. Is it safe to proceed?

When first logging in to
WebView or EasyWeb 2.0 you may get a message warning that the website’s
certificate could not be verified. The exact wording and look of the message will depend on the browser you are using, but it will be something to the effect of:


This is because the connection to the HMI’s
built-in webserver is encrypted using the https protocol, and a self-signed public
key certificate. Most websites on the internet using https use a certificate
signed by a Certificate Authority (CA). This is done because the clients do not
know the identity of the website owner and require a third party to establish
that the website can be trusted. It is not practical for every HMI to have a CA
signed certificate as there is a fee for this. This does not mean that the
connection is not encrypted or secure.
 

For more information on the
security implications of using a self-signed certificate refer to the Wikipedia
article:

https://en.wikipedia.org/wiki/Self-signed_certificate

Or this article from MacAfee©: 

https://www.mcafee.com/blogs/other-blogs/mcafee-labs/self-signed-certificates-secure-so-why-ban/

Content Created by Mike Sheldon
Scroll to Top