When I log into WebView / EasyWeb I see a warning telling me the connection is not secure because it is using a Self-signed certificate. Is it safe to proceed?

Tags: FAQNetworkingIIoTSecurity

When I log into WebView / EasyWeb I see a warning telling me the connection is not secure because it is using a Self-signed certificate. Is it safe to proceed?

When first logging in to WebView or EasyWeb 2.0 you may get a message warning that the website’s
certificate could not be verified. The exact wording and look of the message will depend on the browser you are using, but it will be something to the effect of:

 

This is because the connection to the HMI’s built-in webserver is encrypted using the https protocol, and a self-signed public key certificate. Most websites on the internet using https use a certificate signed by a Certificate Authority (CA). This is done because the clients do not know the identity of the website owner and require a third party to establish that the website can be trusted. It is not practical for every HMI to have a CA
signed certificate as there is a fee for this. This does not mean that the connection is not encrypted or secure.
 

For more information on the security implications of using a self-signed certificate refer to the Wikipedia article:

https://en.wikipedia.org/wiki/Self-signed_certificate

Or this article from MacAfee©: 

https://www.mcafee.com/blogs/other-blogs/mcafee-labs/self-signed-certificates-secure-so-why-ban/

Content Created by Mike Sheldon
Scroll to Top