Setting the Site Security Level to Encrypted and Trusted - Metasys - LIT-12011279 - General System Information - Metasys System - 10.1

Network and IT Guidance Technical Bulletin

Product
Building Automation Systems > Building Automation Systems > Metasys System
Document type
Technical Bulletin
Document number
LIT-12011279
Version
10.1
Revision date
2019-12-20

About this task

You can set the Site Security Level offline with SCT or online with the Site Management Portal UI. To use the online method to set the Site Security Level to Encrypted and Trusted, follow these steps:

Procedure

  1. Log on the Site Management Portal of the Site Director.
  2. Open the Site View for the Site Director.
  3. With Advanced selected, click Edit.
  4. Locate the Site Security Level attribute under the Operational Data section.
  5. Click the down arrow and select Encrypted and Trusted.
    Note: When you set the Site Security Level attribute in the Site object to Encrypted and Trusted, all network engines reporting to the Site Director are modified to change their Site Security Level attribute to Encrypted and Trusted. If a network engine Site Security Level attribute is set to Encrypted and Trusted but does not have a trusted certificate, communication between the Site Director and the network engine is lost because the Site Director now requires the engine to communication with a trusted certificate. Also, if sometime later you want to change a network engine's Site Security Level back to Encrypted Only, you need to log on the network engine directly.

    Before you set the Site object Site Security Level attribute to Encrypted and Trusted, verify that all network engines reporting to the Site Director have trusted certificates. If the network engines do not have trusted certificates, keep this attribute set to Encrypted Only.

  6. Click Save. The server and engines across the entire site now use encrypted and trusted communication.
  7. As an option, use SCT to upload the Site Director so that this change is reflected in the database archive.
    If you want to later change the site to use encrypted only communication, repeat these steps but select Encrypted Only, then use SCT to upload the change to the archive.