Please ensure Javascript is enabled for purposes of website accessibility
Powered by Zoomin Software. For more details please contactZoomin

AVEVA™ PI Server Installation and Configuration (PI Server 2024 R2)

TABLE OF CONTENTS

Learn about certificate management options

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
  • Last UpdatedNov 21, 2025
  • 1 minute read

Certificate management involves issuing, renewing, and deploying certificates to endpoints, such as servers, devices, and virtual machines, to ensure access to PI System services remain uninterrupted.

The AIM certificate (without the private key) should be copied from the AIM node and installed on any PI Server machine that connects to the AVEVA Identity Manager.

There are two options for certificate management:

  • Option 1: PCS-generated certificates

  • Option 2: IT-managed certificates

Option 1: PCS-generated certificates

Use the Configurator utility to create the certificate used for trust connections. After certificate creation, add it to the "Trusted Root Certification Authorities" store in Windows. Finally, copy the certificate from the computer’s certificate store and then install it on any machine(s) that connects to AIM.

Option 2: IT-managed certificates

Obtain a certificate from your company’s IT department and then configure AIM to use the certificate. Certificate creation is up to your IT administrator.

Once the certificate is issued, you can import it using the Configurator utility.

Important: The certificate mode for all PI System services and client applications should be set to AllowExpiredOrRevoked when using PCS certificates for TLS communications.

In This Topic
TitleResults for “How to create a CRG?”Also Available in