
Tab: Communication, via OPC UA Server

Where to find the server layout

Browse Live Server

The client connects to the server and detects the existing variables and types.

From Information Model

The client reads the data structure (layout) of the OPC UA Server from the information model set here and as a result receives the information about available variables and types. A connection to the server is not required.

The list box contains the information models installed in the OPC UA Information Model Repository.

Read Connection Settings from IEC Variable

Selected (check box activated): The connection settings used by the device are not read here from the dialog, but at runtime from the IEC variable specified here.

For this possibility, see: Using a Dynamic Connection to an OPC UA Server

Connection Type

Server URL

URI of the OPC UA Server; editable

Show All Endpoints

The button opens the Available Endpoints dialog with the endpoints available on the OPC UA Server. An "endpoint" is a combination of security settings.

The lower part of the dialog displays the available user tokens: PolicyId, TokenType, and SecurityPolicy.

For the selected endpoint, clicking Apply transfers its security settings, SecurityMode and SecurityPolicy, to the Security section of the Communication tab.

Security

Messages Security Mode

Type of encryption

  • None: No encryption and no signing

    Note: If you select this option, there is no guarantee as to who receives the data. Therefore, None should be used exclusively in closed networks.

  • Sign and Encrypt: The transferred data will be signed and encrypted. Signing makes sure that the data has not been manipulated and that the receiver is correct.

  • Sign: The transferred data will be signed.

Signing and encryption work only with certificates.

Security Policy

List box for the encryption method to be used:

  • Basic256Sha256

Requirement: Either Sign and Encrypt or Sign was selected for Messages Security Mode.

Client certificate

Here you can specify a certificate for encrypted and signed access to the OPC UA Server for the purpose of browsing.

Note

The access which is safeguarded in this way is ONLY for browsing the server (see above, Browse Live Server option). For encrypted data exchange between the server and client in online mode, a separate certificate is required, which can be created in the security screen. For more information see: OPC UA Server, Creating a certificate of the CODESYS OPC UA Server.

If no certificate is available for selection, you can click the certificate creation button (icon) to open the Create Self-Signed Certificate dialog. Here you define a password for your private key and a file name for the certificate. When you click OK, the certificate files .cer and .pfx are created in the project directory and the certificate is automatically registered in the certificate manager.

Authentication

Anonymous

Access without authentication. Permission for this can be granted for compatibility reasons in the Change Communication Policy dialog on the Communication Settings tab of the device editor.

User name

Access to the OPC UA Server requires the entry of a user name and password. You can programmatically set up how the transfer of this authentication data should be done:

To help with the creation of a POU for this purpose in the project, you can click the Create Authentification Provider button to create a program template Datasource_OPCUA_Initializer and program it accordingly.
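The following Python sketch is an added example, not CODESYS code: it audits a list of endpoints such as the Available Endpoints dialog shows (SecurityMode, SecurityPolicy, and the user tokens PolicyId, TokenType, SecurityPolicy) and picks the strongest one. The class and function names are hypothetical, and the rule that a user token with an empty SecurityPolicy is protected by the endpoint's policy is general OPC UA behaviour that goes beyond what this page states.

```python
from dataclasses import dataclass, field

MODE_RANK = {"None": 0, "Sign": 1, "Sign and Encrypt": 2}  # names as shown in the dialog

@dataclass
class UserToken:
    policy_id: str
    token_type: str            # OPC UA token types, e.g. "Anonymous", "UserName"
    security_policy: str = ""  # empty: the endpoint's policy protects the token

@dataclass
class Endpoint:
    security_mode: str
    security_policy: str
    user_tokens: list = field(default_factory=list)

def audit(ep):
    """Return findings for one endpoint (checks chosen for this example)."""
    findings = []
    if ep.security_mode not in MODE_RANK:
        findings.append(f"unknown security mode {ep.security_mode!r}")
    elif ep.security_mode == "None":
        findings.append("mode None: no signing or encryption, closed networks only")
    elif ep.security_policy == "None":
        findings.append(f"mode {ep.security_mode} needs a security policy")
    for tok in ep.user_tokens:
        effective = tok.security_policy or ep.security_policy
        if tok.token_type == "Anonymous":
            findings.append(f"token {tok.policy_id}: access without authentication")
        elif tok.token_type == "UserName" and effective == "None":
            findings.append(f"token {tok.policy_id}: password sent unencrypted")
    return findings

def pick_endpoint(endpoints):
    """Prefer the strongest message security mode, then the fewest findings."""
    return max(endpoints, key=lambda e: (MODE_RANK.get(e.security_mode, -1),
                                         -len(audit(e))))

# Constructed sample: three endpoints as a server might list them.
SAMPLE = [
    Endpoint("None", "None", [UserToken("0", "Anonymous"), UserToken("1", "UserName")]),
    Endpoint("Sign", "Basic256Sha256", [UserToken("1", "UserName")]),
    Endpoint("Sign and Encrypt", "Basic256Sha256", [UserToken("1", "UserName")]),
]

if __name__ == "__main__":
    for ep in SAMPLE:
        print(ep.security_mode, ep.security_policy, audit(ep) or "ok")
    print("selected:", pick_endpoint(SAMPLE).security_mode)
```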