Before you can start the Siveillance Control client, you have to prepare the Windows clients.

Generated Certificate Store and Certificates

SSL certificates are used to ensure secure communication. Certificates are automatically generated for the client and server when installing Siveillance Control. The server certificate is assigned the identity of the server and is linked to the hostname. The following certificates are stored in the /usr/share/viewpoint/config directory on both the engineering and runtime server.

File

Description

Save on client under

agent-[hostname].jts

Java certificate (per server)

%JAVA_HOME%\lib\security

viewpointcertificate.cer

SSL browser certificate

Certificate store: Trusted root certification authorities

viewpoint.p12

Private key for online help

Certificate store: Personal

A new certificate is only generated if no certificate is available or the existing certificate is invalid. Certificates continue to be valid after migration. The certificates therefore only have to be installed on the client hosts.

Copying Server Certificates to Clients

Before you can install the certificates on the client, you have to copy them from the server.

  1. Log in to the server as root.
  1. Enter the following command to change the directory:
    #cd /usr/share/viewpoint/config
  1. Enter the following command to display a list of available files:
    #ls –l
  1. Copy the following required certificates to a temporary directory on the Windows client host by using a USB stick or WinSCP:
  • viewpointcertificate.cer
  • viewpoint.p12
  • agent-[hostname].jts
  1. For security reasons, it is recommended to deactivate the user created during the Debian installation after you have finished working on the server site.
  • Enter the following command to deactivate the user:
    usermod –L [username]
  • Enter the following command to reactivate the user:
    usermod –U [username]

Installing SSL Certificates for Browsers

If a trusted certificate is not available, install the SSL certificate for browsers on the client host by using a browser. Depending on the browser, the installation differs slightly.

The security of the generated SSL certificate is not guaranteed.

  • The file viewpointcertificate.cer has been copied to a temporary directory.
  1. Double-click viewpointcertificate.cer.
  1. If a security warning appears, click Open.
  1. Click Install Certificate.
  1. Select the Current User option and click Next.
  1. Select the Place all certificates in the following store option and click Browse.
  1. Choose Trusted Root Certification Authorities and click OK.
  1. Click Next and Finish.
  1. In the security warning, check the name of the Siveillance Control server host.
  1. If the server name is correct, select Yes.
  • After the certificate is installed successfully, the message The certificate has been installed appears.

Installing SSL Certificates for Java Clients

If a trusted certificate is not available, install SSL certificates for the Java clients. Both the certificates for the engineering and runtime server have to be installed on the Windows clients. You can only install the server certificates locally on the client host.

The security of the generated SSL certificate is not guaranteed.

  • The file agent-[hostname].jts has been copied to a temporary directory.
  • Copy the agent-[hostname].jts certificate to %JAVA_HOME%\jre\lib\security.

Installing Private Keys for the Online Help

To enable the display of the online help, you have to install a private key on the client host.

  • The file viewpoint.p12 has been copied to a temporary directory.
  1. Contact the Siemens service technician or hotline to get the password for import of the key.
  1. Double-click viewpoint.p12.
  1. Select the Current User option and click Next twice.
  1. Enter the password and click Next.
  1. Select the Place all certificates in the following store option and click Browse…
  1. Choose Personal and click OK.
  1. Click Next and Finish.
  1. If a high level of security is required, complete the following steps:
  • Click Set Security Level.
  • Enter a password.
  • Click OK.
  • Store the password securely, since you have to enter it each time you are calling up the online help.

Resolving the Host IP Address Siveillance Control Clients

If no DNS is available, the IP address has to be resolved in the hosts file.

  1. Start an editor like Notepad++ with administrator rights.
  1. Open the following file:
    C:\Windows\System32\drivers\etc\hosts
  1. At the end of the file, insert the entry [ip-address] [hostname]:
  • For the engineering server enter for example:
    10.1.2.208 siveillancecontrol-ee-208
  • For the runtime server enter for example:
    10.1.2.209 siveillancecontrol-rt-209
  1. Save the hosts file.
  1. Test the entry with the following command:
    ping [hostname]

Copying Default Data to the Windows Client

  • The defaultDisciplines.mox file is available. This file is necessary to set the discipline of the objects in the Location Tree.
  • The defaultVisualizationVariants.mox file is available.
  • The defaultAccessRouteGraphics.mox file is available.
  1. Open a terminal window.
  1. Enter the following commands to copy the files:
    cp /usr/share/viewpoint/default_data/defaultDisciplines.mox /home/[user]
    cp /usr/share/viewpoint/default_data/defaultVisualizationVariants.mox /home/[user]
    cp /usr/share/viewpoint/default_data/defaultAccessRouteGraphics.mox /home/[user]
  1. Copy the files to a temporary directory on the Windows client by using WinSCP.
  1. Import the files into Siveillance Control.