Please ensure Javascript is enabled for purposes of website accessibility
Powered by Zoomin Software. For more details please contactZoomin

AVEVA™ Manufacturing Execution System 2023 R2

TABLE OF CONTENTS

Middleware Client Security settings

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
  • Last UpdatedOct 23, 2024
  • 2 minute read

Notes:
- Starting with MES version 7.0, synchronous communications between the MES middleware and client components are encrypted by default.
- Starting with MES version 7.1 asynchronous and event notification communications between the MES middleware and client components are encrypted.

Certificate Revocation Check

This setting controls whether certificate revocation checks are performed for Event Broker message exchanges. The default setting is DISABLED.

Note: AVEVA recommends enabling this property for custom third-party certificates.

Security Mode for HTTP Communication

The default and recommended setting is TRANSPORT for secure synchronous communication using HTTPS. Select NONE (not recommended) for unsecured synchronous communication using HTTP.

Security Mode for TCP Communication

The default and recommended setting is TRANSPORT for secure synchronous communication. Select NONE (not recommended) for unsecured synchronous communication using TCP.

Communications between the MES middleware and the middleware proxies on client nodes can use either HTTPS/HTTP or TCP. HTTPS/HTTP is typically used when the Middleware Server and client nodes are not located in the same building. TCP is typically used when the Middleware Server and client nodes are located in the same building. This selection is based on the middleware proxy's Protocol setting for the MES Middleware Proxy component in the post‑install Configurator.

Note: If the security mode for TCP is enabled and the user under which the middleware service is running is changed from a Windows service account to a domain user account, communication with that middleware service from client machines will fail. For secure TCP communication (i.e., Security Mode for TCP Communication set to TRANSPORT), the MES middleware service must run under a virtual service account. To avoid this condition, use either HTTP communication or, to continue using TCP, disable the TCP security mode and in the post-install Configurator reconfigure the MES Middleware Proxy component.

TitleResults for “How to create a CRG?”Also Available in