Certificates play a crucial role in enhancing the security, authenticity, and integrity of the operations performed by Bosch Configuration Manager, making them a necessary component in modern networked environments.

Be aware that certificates ensure secure communication between the Bosch Configuration Manager and devices or servers. They use encryption to protect data from being intercepted or tampered with during transmission. This is particularly important when dealing with sensitive information or controlling critical infrastructure.

Step-by-step guide

If you want to set Configuration Manager to accept all certificates & allow all (non) encrypted connections, go to:

• Preferences > Security section > set "Optional" and certificate requirement as "None"

💡 Below, you will find more details regarding the Preferences tab > Security group and Certificate required level

Security group

Encrypt communication (defines the TLS connection preferences)
To define the TLS connection preferences, select the required levels.

– Optional
Encrypted connections (HTTPS) and non-encrypted connections (HTTP, RCP+) are allowed.
No certificate validation is performed. The certificate requirement level is not relevant.
The default protocol HTTP is used when adding devices to the system.
The VSDK security properties are set as follows: Allow unencrypted connections, Allow unencrypted media exports, and Allow no forward secrecy.

– Preferred

Encrypted connections (HTTPS) and non-encrypted connections (HTTP, RCP+) are allowed.
The certificate validation is performed. The certificate requirement level is relevant. If validation failed a warning is displayed but a connection still possible.
The default protocol HTTPS is used when adding devices to the system.
The VSDK security properties are set as follows: Allow unencrypted connections, Allow unencrypted media exports, and Allow no forward secrecy.

– Required

A communication with devices is only possible using HTTPS.
The certificate validation is performed. The certificate requirement level is relevant. If validation failed an error message is displayed and no connection is established.
The default protocol HTTPS is used when adding devices to the system.
There are no changes in the VSDK program.

Certificate required level

To validate certificates, select the required levels.

– None: All certificates are accepted. No validation is performed.

– Valid: Only an end certificate validation is performed. The certificate must be valid (standard validation procedure, time signature).

– Trusted: The entire chain validation is performed, The root CA certificate is used to sign the certificate and must be trusted on machines where the validation is performed.

– Issued by the CA: The entire chain validation is performed, The root CA certificate is used to sign the certificate and the MicroCA program must be configured in Configuration Manager program.