Issue
Every time you compile a program object you get a message saying the "Program is not signed"
Product Line
TAC IA Series
Environment
- I/A Series N4 Jace 8000
- I/A Series N4 Enterprise Server
Cause
Tridium's Niagara N4 product will at some point in the future require code signing
Resolution
Create the main certificate in our Workbench to be used for signing our Program Objects.
- Go to the top drop-down menu on the Workbench and select "Tools - Certificate Management". Note: do not open the Certificate Management of your Platform. That is different and will be used for our running stations, not for this purpose.
- On the "User Key Store" tab, press "New" to create a new certificate.
- Fill in all the required fields.
- Make sure you change the "Not After" date so the certificate does not expire in just 1 year.
- Select the specific "Certificate Usage" as "Code Signing"
- Press "OK" and set a password for your certificate. Remember: this password will be asked by the workbench at the point of compiling your code.
- Now select the new certificate, then press the "Export" button below
- Export the certificate without the private key. You will be prompted then to give your certificate file a name and store it in your computer.
We would also recommend exporting the certificate again, this time with the private key included, and storing it with an indicative name, in case you want to transfer it to a different machine.
- Change tab and move to the "User Trust Store".
- From there, press the button "Import" at the bottom and select the certificate without the private key. It should appear in green as accepted in the windows above.
- Go to the top drop-down menu, and select "Tools - Options"
- Find the "Code Signing Options" on the left-hand side, and on the "Signing Cert" section select the certificate we have just created and accepted on our Workbench. Then press OK to confirm.
- Open the local host Platform, and double-click the platform Certificate Management.
- Select the tab "User Trust Store", then press the button "Import" and select again the certificate without the private key.
On the station running locally, you can now compile your code.
Note that the first time the Workbench will ask for your password (the one you assigned when creating the certificate). Add the password and see that the code now compiles with no certificate error
If you try compiling code on a Jace, it will return the "Certificate not trusted" until you add the certificate to the Jace Certificate Management too.
On the Jace Platform, double click the "Certificate Management", then select the tab "User Trust Store".
In there, press "Import" and select your certificate without the private key. Your program objects will now compile correctly.
