...
Example: D:\some.crt,#APPDIR#/another.crt
Note: The /DC start parameter can be used to disable verification of the other party at the D2000 KOM process level - e.g., if the other party's certificate expires or another emergency situation occurs, and it is not possible to reconfigure the other party operationally.
Note: The certificate must contain the public key of the certification authority (if the other party's certificate is signed by a chain of authorities, it must contain all of them). It does not need to contain the other party's public key itself.
...
Note about the redundancy of network communication
Currently, only two a few protocols supporting the TCP/IP-TCP redundant line are implemented. Protocol :
- Protocol IEC 870-5-104 Sinaut is a specific implementation of the protocol IEC 104 designed for redundant communication with the Sinaut Spectrum system.
...
- The IEC 870-5-104 protocol, which implements multiple options for setting redundancy parameters, is much more common in practice.
- The MQTT Client protocol allows connection to two independent MQTT brokers on a TCP/IP-TCP Redundant line.
Note on TLS communication to the cloud
In the TLS implementation in the D2000 KOM process, the TLS extension "server_name" was added to the TLS Client Hello message (establishing a TLS connection), whereby the symbolic name specified in the "TCP/IP - TCP" or "TCP/IP - TCP Redundant" line configuration is sent as "server_name". This enables, for example, the functionality of the MQTTS protocol in the AWS environment, where there are multiple customers on one IP address, and it is necessary to determine which hostname the client is connecting to.
Note: If the IP address is not specified, the TLS extension "server_name" is not used in the TLS Client Hello message has many options related to communication redundancy implemented.
| Info | ||
|---|---|---|
| ||
You can also read about TCP/IP-TCP line encryption in the blog Communication - encryption. |
...