The settings of the web server and the Rest API can be found in the menu on the left. This item is only displayed if the corresponding feature is included in your license.
General information and settings #
At the top of the Web Server / Rest API page you can see the current state of the web server.
Below that you can activate the web server and enter the desired port. All changes become active when you save.
The web server is not activated in the standard configuration. If you activate the web server, it will start automatically every time you start the software.
Please note:
Save settings: All changes are applied when you save the settings and the web server then restarts automatically.
Please note:
Access from another computer: If you want to access the web server or the Rest API from another computer, it is most likely necessary that you edit the firewall settings and release the port (TCP) stored here. For help with the firewall settings, please contact your local IT department.
SSL-Certificate #
Communication with the web server and the rest API is always encrypted (HTTPS/SSL), unencrypted communication (HTTP) is not possible.
A self-signed certificate is used for encryption in the default configuration. Some browsers then display a warning that a self-signed certificate has been used when the web page is opened. You can either simply acknowledge this warning and the web page opens normally, or you can import your own SSL certificate.
To do this, select the certificate file (e.g. *.pfx) and enter the certificate password. To create a certificate, please contact your local IT department.
Please note:
Certificate protection: If you import your own certificate, you must enter the password for it. Like all settings, this password is also stored in encrypted form. If you send us a support package, no login data for accounts, certificates or passwords will be transferred there, of course. All security-relevant data remains exclusively on your local computer.
Authentication #
Authentication allows you to protect access to the web server and the rest API.
You have two options for authentication:
- No authentication: A connection can be established without authentication.
- Basic Authentication: For calling web pages and using the Rest API, a username and password must be specified. You can freely choose the username and password in the settings.
Enabling access to individual resources #
In the last section of the configuration you can set the access to individual resources (PLC connections, triggers).
You can set for each trigger individually whether it can be started via the Rest-API.
For each PLC you can set whether the variable values can be read (read access) or whether they may also be written to the PLC (read and write access).
If you try to access a resource that is not released via the Rest-API, you will receive the error code 403 (Forbidden).
Please note:
Default is no access: For all PLC connections and triggers that you create, no access is always selected first for security reasons. If you wanted to release these resources, you always have to set them via the web server first.
