Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Secure Your Ignition
the Easy Way
– Setting up Ignition
with a Reverse Proxy
Roy Westwood
Systems Engineering Manager, Europe –
Roeslein & Associates
• HTTPS SSL Encryption
• Uses industry standard free Let’s Encrypt Certificates
• Auto Renewing Certificates
• Multiple Ig...
Traditional Proxy
Traditional Proxy
Clients
Proxy
Servers
Reverse Proxy
Reverse Proxy
Clients
Reverse Proxy
Servers
Reverse Proxy
Clients
Reverse Proxy
Servers
HTTPS Encrypted (Port 443)
Reverse Proxy
Clients
Reverse Proxy
Servers
HTTPS Encrypted (Port 443)
Internal Network (Port 8088)
The Plan For Today
Reverse Proxy – The Plan For Today
Clients
Windows Server running
Caddy 2
Servers
HTTPS Encrypted (Port 443)
Internal Netw...
Reverse Proxy – IP’s
Clients
Windows Server running
Caddy 2
Servers
HTTPS Encrypted (Port 443)
Internal Network (Port 8088...
Reverse Proxy – Domains
Clients
Windows Server running
Caddy 2
Servers
HTTPS Encrypted (Port 443)
Internal Network (Port 8...
Caddy Server
Caddy 2
caddyserver.com
Recap
• Domain Name A Record pointing to Static IP
Address of router/firewall
• Firewall/Router port forwarding ports 80 and 443...
• Install Caddy 2 from Github
https://github.com/caddyserver/caddy/releases
• Create caddyfile for your setup
• Install th...
• Install as normal
• Leave as port 8088
• Enjoy the best SCADA software on the planet via
encrypted auto renewing SSL
Rec...
• Step by step guide on installing Caddyserver on
Windows Server
• Step by step guide on installing Caddyserver on
Ubuntu ...
ICC 2020: Secure Your Ignition the Easy Way – Setting up Ignition with a Reverse Proxy
ICC 2020: Secure Your Ignition the Easy Way – Setting up Ignition with a Reverse Proxy
ICC 2020: Secure Your Ignition the Easy Way – Setting up Ignition with a Reverse Proxy
Upcoming SlideShare
Loading in …5
×
Upcoming SlideShare
What to Upload to SlideShare
Next
Download to read offline and view in fullscreen.

Download to read offline

ICC 2020: Secure Your Ignition the Easy Way – Setting up Ignition with a Reverse Proxy

Download to read offline

In this session, learn how to leverage free and open source reverse proxy software to secure your Ignition install with auto-renewing SSL certificates.

Related Books

Free with a 30 day trial from Scribd

See all

Related Audiobooks

Free with a 30 day trial from Scribd

See all
  • Be the first to like this

ICC 2020: Secure Your Ignition the Easy Way – Setting up Ignition with a Reverse Proxy

  1. 1. Secure Your Ignition the Easy Way – Setting up Ignition with a Reverse Proxy
  2. 2. Roy Westwood Systems Engineering Manager, Europe – Roeslein & Associates
  3. 3. • HTTPS SSL Encryption • Uses industry standard free Let’s Encrypt Certificates • Auto Renewing Certificates • Multiple Ignition installs behind one main internet IP address • Great for collaboration with geographically dispersed development teams • Easy and cross platform Reverse Proxy Benefits with Ignition Why is this useful?
  4. 4. Traditional Proxy
  5. 5. Traditional Proxy Clients Proxy Servers
  6. 6. Reverse Proxy
  7. 7. Reverse Proxy Clients Reverse Proxy Servers
  8. 8. Reverse Proxy Clients Reverse Proxy Servers HTTPS Encrypted (Port 443)
  9. 9. Reverse Proxy Clients Reverse Proxy Servers HTTPS Encrypted (Port 443) Internal Network (Port 8088)
  10. 10. The Plan For Today
  11. 11. Reverse Proxy – The Plan For Today Clients Windows Server running Caddy 2 Servers HTTPS Encrypted (Port 443) Internal Network (Port 8088) Reverse Proxy Windows Server Ignition 8 Linux Server Ignition Maker Edition
  12. 12. Reverse Proxy – IP’s Clients Windows Server running Caddy 2 Servers HTTPS Encrypted (Port 443) Internal Network (Port 8088) Reverse Proxy Windows Server Ignition 8 Linux Server Ignition Maker Edition 192.168.100.82 192.168.100.83 192.168.100.84
  13. 13. Reverse Proxy – Domains Clients Windows Server running Caddy 2 Servers HTTPS Encrypted (Port 443) Internal Network (Port 8088) Reverse Proxy Windows Server Ignition 8 Linux Server Ignition Maker Edition 192.168.100.82 maker.roesleinsystems.com ignition8.roesleinsystems.com
  14. 14. Caddy Server
  15. 15. Caddy 2 caddyserver.com
  16. 16. Recap
  17. 17. • Domain Name A Record pointing to Static IP Address of router/firewall • Firewall/Router port forwarding ports 80 and 443 to Reverse Proxy internal IP • Software firewall open ports 80 and 443 inbound on Reverse Proxy Server • Optional but recommended – Internal DNS server should route your domain names direct to internal ip of reverse proxy. I use PiHole2 for this. Recap Networking
  18. 18. • Install Caddy 2 from Github https://github.com/caddyserver/caddy/releases • Create caddyfile for your setup • Install the Non-Sucking Service Manager • Create a service for Caddy Recap Proxy Setup
  19. 19. • Install as normal • Leave as port 8088 • Enjoy the best SCADA software on the planet via encrypted auto renewing SSL Recap Ignition Setup
  20. 20. • Step by step guide on installing Caddyserver on Windows Server • Step by step guide on installing Caddyserver on Ubuntu Linux Server • Includes sample Caddyfile’s customized for Ignition Further Notes IndustryThing.com

In this session, learn how to leverage free and open source reverse proxy software to secure your Ignition install with auto-renewing SSL certificates.

Views

Total views

84

On Slideshare

0

From embeds

0

Number of embeds

0

Actions

Downloads

23

Shares

0

Comments

0

Likes

0

×