Add an OPC UA server

Configure an OPC UA server by adding the OPC UA server object to the project and by editing the properties of the server.

  1. In Project view, right-click OPC-UA and select New > OPC UA server.
  2. In Properties, configure the OPC UA server.

    • Endpoint URL. The communication protocol and network address of the endpoint on the OPC UA server.

    • Maximum number of connections. Maximum number of OPC UA clients that can connect to the OPC UA server.

    • Use node path in NodeIds. Publish nodes with IDs that display the node path in this format ns=<namespace>;s=Path.To.Node. For example, ns=7;s=NewHMIProject1.Model.AnalogVariable1.

    • Sampling interval. Time interval between successive readings of the field variables by the OPC UA server.

    • Max array length. The maximum number of elements in an array.

    • Minimum message security mode:

      • None. The messages may be unsigned and unencrypted.

      • Signature. The messages must be signed or signed and encrypted.

      • Signature and encryption. The messages must be signed and encrypted.

    • Minimum security policy:

      • None. The OPC UA server does not require any specific security policy.

      • Basic256Sha256. The OPC UA server requires this security policy or a more secure policy.

      • Aes128_Sha256_RsaOaep. The OPC UA server requires this security policy or a more secure policy.

      • Aes256_Sha256_RsaPss. The OPC UA server requires this security policy.

    • Server certificate file. The public DER certificate file of the OPC UA server (X509v3).
      Tip:

      The server certificate file must be in the FTOptixApplication/ProjectFiles/PKI/Own/Certs folder.

      If specified, the private key must also be specified. If not server specified, it is automatically generated at runtime in the FTOptixApplication/ApplicationFiles/PKI/Own/Certs folder.

    • Server private key file. The private PEM key file of the OPC UA server encoded with ASCII Base64.
      Tip:

      The server private key file must be in the FTOptixApplication/ProjectFiles/PKI/Own/Certs folder.

      If specified, the certificate must also be specified. If not specified, it is automatically generated at runtime in the FTOptixApplication/ApplicationFiles/PKI/Own/Certs folder.

    • Product URI. A URI that globally identifies the software.

    • Product name. The name of the software.

    • Manufacturer name. The name of the software manufacturer.

  3. In Properties, next to Nodes to publish, select Add.

    A configuration of nodes to be published appears under Nodes to publish.

    Important: Every Publishing nodes always publishes child nodes.
  4. In Configuration#:
    • Add a node. Next to Nodes, select Add and configure the node by editing its properties. Repeat if necessary.
    • Add a user Next to Users, select Add and configure the user. Repeat if necessary.
      Important: If you expose specific nodes instead of the entire project, you must specify at least one user. The user can be the default Anonymous user.
    • To expose business logic nodes to OPC UA clients set PublishDynamicConfigurationNodes to True.

      Business logic nodes include dynamic links or linked variables, converters, and event handlers or methods associated to events.

  5. If necessary, repeat 3 through 4.

  1. Configure OPC UA server certificates and keys.

  2. Configure firewall for an OPC UA server.