Skip to main content

Connected

Wiki

K

NYC

--

--

System Status

SYS

NET

API

DB

23%

47%

Uptime: 00:00:00

Station Info

Station:BASidekick-01

Host:localhost

License:Active

Version:v1.0.0-beta

[nav]

System Status

SYS

NET

API

DB

23%

47%

Uptime: 00:00:00

Station Info

Station:BASidekick-01

Host:localhost

License:Active

Version:v1.0.0-beta

Ready

rob@basidekick.com|© 2025 BASidekick

Niagara 4 Platform Fails TLS Connection (Certificate Problems) | BASidekick Wiki

Back to WikiNiagara

Niagara 4 Platform Fails TLS Connection (Certificate Problems)

AnonymousDec 29, 20250 views

niagara troubleshooting security

Problem

Operators cannot connect over HTTPS; Workbench shows SSL/TLS errors, and browsers report "connection not secure" or refuse to load the station.

Root Cause

Self-signed or expired certificates not trusted by clients, missing CA in trust store, or station not configured per Tridium's hardening guidelines.

Solution

1. Create or Import Proper Server Certificate

Follow the Niagara 4 Hardening Guide to create or import a proper server certificate into the platform key store

2. For Corporate CA

Import the CA certificate into Niagara's trusted certificates
Also import into client OS/browser trust stores

3. Replace Expired Certificates

Replace expired self-signed certs
Ensure the station is bound to the new certificate in platform HTTP/HTTPS settings

4. Disable Weak Protocols

Disable weak protocols/ciphers
Require TLS-only connections as recommended in the hardening guide

5. Test from Clean Browser

Test from Workbench and a clean browser profile
Confirm the certificate chain is valid and trusted

Comments (0)

No comments yet. Be the first to comment!

Sign in to leave a comment.