OPC UA Interface Template
The template defines the parameters for connecting to an OPC UA server.
Refer to the common template parameters.
Template Parameters
The paragraphs below provide the details of each field.
Warning
Several fields allow or require the name of a certificate for security or identification. When selecting a certificate, make sure that the chosen certificate is not used by other parts of the Ometa framework, e.g. the Authority service, or even by Windows components like IIS.
Even more, it is strongly advised that any certificate utilised by the OPC UA components (interface and service), is specifically reserved and used for that purpose only.
Connection Settings
In these fields, the host name and security options are defined.
| Parameter | Type | Description |
|---|---|---|
| Server Endpoint URL | External | OPC UA Endpoint URI to know to which server to connect to. |
| Secure Connection | External | States whether a connection must use certificates and encryption or not. |
| Transport Certificate Store Path | External | Path within the PKI store where all transport certificates must be stored. |
| Transport Certificate Name | External | Name of the transport certificate within the PKI store. |
| Certificate Authority Store Path | External | Path within the PKI store where all CA certificates must be stored. |
| Trusted Peers Store Path | External | Path within the PKI store where all trusted UA application certificates must be stored. |
| Rejected Certificate Store Path | External | Path within the PKI store where all untrusted certificates must be stored. |
Note
All fields regarding certificates, Transport Certificate Store Path, Transport Certificate Name, Certificate Authority Store Path, Trusted Peers Store Path and Rejected Certificate Store Path, are required to be set even when Secure Connection is set to false.
The transport certificate is also used for identification, therefore such a certificate must always be provided even when transport encryption is disabled (Secure Connection = False).
Authentication Options
Logging on to a specific account on the OPC UA server, can be set using the following fields:
| Parameter | Type | Description |
|---|---|---|
| Authentication Method | External | State the type of method of user logon. Possible values: Anonymous, Credentials, Certificate and Token. |
| User Name | External | User name to use when logging on to the OPC UA server. Only used when the authentication method is set to Credentials. |
| Password | External | Password to use when logging on to the OPC UA server. Only used when the authentication method is set to Credentials. |
| User Certificate Store Path | External | Path within the PKI store where all user certificates must be stored. Only applicable when the authentication method is set to Certificate. |
| User Certificate Name | External | Name of the user certificate within the PKI store. Only applicable when the authentication method is set to Certificate. |
Note
Despite the fact the Authentication Method can be set to Token, currently the OPC UA client implementation within the Ometa Framework does NOT support it. Only Anonymous, Credentials and Certificate can be used.
Example
The following example shows the profile for connecting to a Beckhoff PLC device.
| Parameter | Value |
|---|---|
| Server Endpoint URL | opc.tcp://CX-3B306B:4840/ |
| Secure Connection | False |
| Transport Certificate Store Path | LocalMachine\My |
| Transport Certificate Name | C=Belgium, O=Ometa, DC=localhost, CN=Ometa OPC UA |
| Certificate Authority Store Path | LocalMachine\CA |
| Trusted Peers Store Path | LocalMachine\TrustedPeople |
| Rejected Certificate Store Path | LocalMachine\Disallowed |
| Authentication Method | Anonymous |
| User Name | |
| Password | |
| User Certificate Store Path | CurrentUser\My |
| User Certificate Name |