Skip to main content
Skip table of contents

MAC36 - Station - No option to install a module on a brand new or moved station

Issue

It is not possible to install a JAR module on the MAC36 controller or the module installed in the Software Manager has a red flag and blocks the station from starting.

SoftwareManager-wrongJARmodule.png

Possible causes and solutions

The JAR module works properly on JACE-8000 or Edge10, but not MAC36, and displays a red flag in the Software Manager

Niagara distribution on Tridium controllers can differ from the distribution on the MAC36 controller by a number of trusted objects (System Trust Store in Certificate Management). For example, Niagara distribution 4.12.2.16 on the MAC36 controller has 135 public keys of the most recognized CA:

image-20230929-052943.png

The same distribution on the Tridium controllers has 155 public keys of the most recognized CA:

image-20230929-053010.png

If the module has a digital signature including one of the 20 public keys missing in the MAC36 controller, it will most certainly cause the situation where - contrary to the Tridium controllers - MAC36 will block the module.

Solutions

  • Sign the module with the own generated CA and save its public key to the User Trust Store in Certificate Managment.

  • Export the 20 missing public certificates from the System Trust Store (in Certificate Managment) from the Supervisor or the Tridium controller and import them to the User Trust Story (in Certificate Managment) in the MAC36 controller.

The JAR module cannot start on any Niagara platform or after being moved from one station to another

SW install signature error.png
ISMA device manager signature.png

When moving a station from one controller to another using the Station Copier, the certificates are not moved along. Therefore, if a source station includes any modules which is signed with the own generated CA, the public key of this certificate from the User Trust Store (in Certificate Managment) will not be transferred to a new controller.

Solutions

  • Manually export all keys from the User Trust Story (in Certificate Managment) on the source controller and import them to the User Trust Story on the target controller.

  • Re-sign the JAR module with the own generated CA, reload the newly signed JAR file copy and import the public key of the new CA to the User Trust Store (in Certificate Managment) on the target controller.

  • Change the level of security (niagara.moduleVerificationMode) to low in the system.properties files:

    • open the File Transfer Client in the controller’s platform,

    • create the Defaults folder in the main location of the controller;

      image-20240226-095213.png

    • create the system.properties in the Defaults folder,

    • paste the following contents in the file:

      image-20230718-114845.png

    • uncomment (remove the # mark) the line including the niagara.moduleVerificationMode parameter and enter the value low;

    • save changes and restart the controller.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close