We have prepared our UMC server and the basic configuration on our engineering station, along with our TIA Portal project.
The next thing we are going to configure within our project is the security properties of our WinCC Unified Runtime.
Runtime settings -> Security -> Access control
We define:
The Server address is our UMC server https://umc-server.
The Address of identity provider is the address of our server concatenating /umc-sso -> https://umc-server/umc-sso
To find the Server ID, we will locate it in the certificate we have created and installed. After all the tests performed, I recommend managing these certificates with Siemens' own tool, it simplifies the configurations.
We open Internet Information Services (IIS) and in the root we go to "Server Certificates".
We select our certificate and go to "View". The following pop-up screen opens, and within the details, the Thumbprint is the number we are interested in. ;-)
We can now compile and transfer the project to our WinCC Unified Runtime, having previously run the WinCC Unified Configuration, installed the certificate, and completed those prior steps.
As a point to highlight in the configuration of User management, we have selected Select local or central user management in TIA Portal
We go to the properties of the Runtime manager settings in the gear icon.
Select configuration, where once our project is transferred, it will be the one we select; if we have not transferred any project, we cannot perform this configuration, as it is related :-)
And we will be able to redefine the configuration we had made in TIA Portal.
We check the connection and that's it. :-)
Surely, the first time you run the runtime you will see the following warning. :-) The solution is to install the certificate from our UMC-Server.
And that's it :-) . This is one of the reasons why it is much easier to create and manage certificates with Siemens' tool.
