Customizing the Self Signed Certificates Support

BI Gateway uses web technologies for its building and deploying objects. For example, the connection information of a Data Source contains sensitive information such as user names and passwords and/or internal server names. At configuration time, this data needs to be protected while transmitted from one component to another, and while it is saved in a persisted storage. Hence, it becomes essential to have a secure environment. The first level of security is an authenticated access to BI Gateway Model Builder that uses validates the user's credentials while accessing the application. BI Gateway uses Secure Sockets Layer (SSL) for enhanced security. This ensures that all calls to the web model configurator are encrypted so that the data does not get transported in clear text.

The second level of security is the use of Certificates which decides the use of Self Signed Certificates.

If you use a customer certificate for authentication, then you must also specify "Thumbprint" of customer that you extracted using the above-mentioned steps and update the thumbprint information in <CertificateThumbPrint>‎</CertificateThumbPrint> option in the EMIRuntimeConfigurator.xml file.

To configure the Certificates support

1. Open the EMIRuntimeConfigurator.xml file in a notepad editor from the BI Gateway Installation Bin directory. For example: C:\Program Files (x86)\Wonderware\Intelligence\Bin.

2. Edit the XML file and update the following information, which is set to true by default:

   <UseSelfSignedCertificate>false</UseSelfSignedCertificate>

   and then specify the thumbPrint in the <CertificateThumbPrint>‎</CertificateThumbPrint> option.

3. Save and close the file.

   NOTE: Restart the Intelligence Runtime service in order for the UseSelfSignedCertificate setting to take effect after changing this setting in the EMIRuntimeConfigurator.xml file.