Resolving Certificate Errors on Touchscreens
Why does this happen?
3-series processors with authentication or ssl enabled and all 4-series processors will force all web traffic to use HTTPS. HTTPS encrypts the traffic using its own certificate. A normal website will use a certificate that has been signed by a company that is guaranteeing the authenticity of the site. That guarantee is backed by tracing the signing of the certificate back to root certification authorities using lists that are embedded in all browsers. If the verification of certificate fails then the certificate is not trusted. Browsers prompt the user to acknowledge that they know the site has not been validated by a trusted authority.
What can we do?
There are two solutions to this problem. One is to establish your own internal trust. This is typically handled in enterprises as they setup their own root of trust and sign certificates. It can be done on a smaller scale but it requires knowledge of generating and managing certificates. The other option is to load the certificate of the processor into the touchpanel as a trusted certificate. We will not cover setting up your own certificate authority but the steps for adding the certificate to the touchpanel apply for a managed certificate.
Solving the problem with the processor's certificate
- Navigate your computer's web browser to the processor https://(Processors_IP_Address). Accept the certificate.
- Download the certificate (varies by browser): Certificate Retrieval Instructions by Browser
- Connect to the touchscreen in Toolbox using the System Info tool
- Go to Functions->Security Certificates menu
- Select "Add Root Certificate"
- Select the certificate. Note, if the certificate has a .pem extension, change it to .cer due to a Toolbox bug.
- The added certificate will show. It must be replaced by the expiration date/time.