Why to use Certificates

To provide mutual authentication for both client and server PKI certificates are required. The TLS protocol allows client-server applications to communicate and prevent from security attacks such as eavesdropping, message tampering, and message forgery.

Important: To make newly created WinCC OA projects (using certificates) run "out of the box", we deliver standard certificates with the product. For real plant projects the use of these certificates is not allowed and own project specific certificates must be created!
Note:

Note that you set a meaningful expiration date for your certificates. The expiration date must match the needs of your security requirements, according to the planned facility runtime and/or security upgrade cycles.

Note also our WinCC OA Security trainings (see Trainings), e.g. the "Certified WinCC OA Security Workshop".