Skip to main content

Tools PointStack Resources Wiki

K

Tools, community, and knowledge for building automation professionals.

Tools

SimulatorSidekick
QR Sidekick
BAS Atlas
Calculators

Resources

Wiki
BAS Atlas
Rust Crates
References

Community

PointStack
Contact

© 2026 BASidekick. All rights reserved.

rob@basidekick.com

Niagara 4 Platform Fails TLS Connection (Certificate Problems) | BASidekick Wiki

Back to WikiIssues & Solutions

Niagara 4 Platform Fails TLS Connection (Certificate Problems)

AnonymousDec 29, 20250 views

security troubleshooting tls niagara certificate

Problem

Operators cannot connect over HTTPS; Workbench shows SSL/TLS errors, and browsers report "connection not secure" or refuse to load the station.

Root Cause

Self-signed or expired certificates not trusted by clients, missing CA in trust store, or station not configured per Tridium's hardening guidelines.

Solution

1. Create or Import Proper Server Certificate

Follow the Niagara 4 Hardening Guide to create or import a proper server certificate into the platform key store

2. For Corporate CA

Import the CA certificate into Niagara's trusted certificates
Also import into client OS/browser trust stores

3. Replace Expired Certificates

Replace expired self-signed certs
Ensure the station is bound to the new certificate in platform HTTP/HTTPS settings

4. Disable Weak Protocols

Disable weak protocols/ciphers
Require TLS-only connections as recommended in the hardening guide

5. Test from Clean Browser

Test from Workbench and a clean browser profile
Confirm the certificate chain is valid and trusted

Comments (0)

No comments yet. Be the first to comment!

Sign in to leave a comment.