Avatar

Please consider registering
guest

sp_LogInOut Log In sp_Registration Register

Register | Lost password?
Advanced Search

— Forum Scope —




— Match —





— Forum Options —





Minimum search word length is 3 characters - maximum search word length is 84 characters

sp_Feed Topic RSS sp_TopicIcon
Connecting to OPCUA server with certification
October 17, 2018
13:28, EEST
Avatar
Akeold
New Member
Members
Forum Posts: 2
Member Since:
October 17, 2018
sp_UserOfflineSmall Offline

I’m able to connect to OPCUA server simulator using a SCADA OPCUA driver client (from indusoft) when selecting None security. But I now I need to test it with security enabled.
On Client side, I can choose from sign or sign&encrypt like OPCUA server has, but after choosing one of these security options and testing the connectivity, I receive a “No valid certificates” message on client side.
So my question is more related on which will be the steps to follow in order to connect with success.
– I see there’s some der files (SimulatorServerCA and SimulationServer der files), so do I have to something with it on client side?
– or do I have to add something on OPCUA server side?
– Which is the process configuration should I consider on client/server side in order to connect with Prosys OPCUA server?

October 17, 2018
19:00, EEST
Avatar
Heikki Tahvanainen
Member
Members
Forum Posts: 402
Member Since:
April 17, 2013
sp_UserOfflineSmall Offline

Hi,

In OPC UA, every application has an application instance certificate. The client application needs to trust the server certificate and also the server needs to trust the client certificate. The certificates may be signed by a trusted CA (Certificate Authority) or they may be self-signed.

In Prosys OPC UA Simulation Server, certificate handling is done on “Certificates” tab. You can trust the client certificate by right clicking and selecting “Trust”.

To trust the server certificate in the client application, you’ll need to consult the SCADA system manual and find out the process for this specific client application. The client application might prompt users to trust certificates or there may be some other mechanism, for example moving the certificate file from a rejected location to a trusted location. Usually it’s not necessary to manually move the certificate files between hosts, but if it is required, the correct file would be the “SimulationServer.der”.

October 18, 2018
14:54, EEST
Avatar
Akeold
New Member
Members
Forum Posts: 2
Member Since:
October 17, 2018
sp_UserOfflineSmall Offline

Thanks for your support Heikki, it’s clear. Wink

Forum Timezone: Europe/Helsinki

Most Users Ever Online: 1919

Currently Online:
14 Guest(s)

Currently Browsing this Page:
1 Guest(s)

Top Posters:

Heikki Tahvanainen: 402

hbrackel: 144

rocket science: 88

pramanj: 86

Francesco Zambon: 83

Ibrahim: 78

Sabari: 62

kapsl: 57

gjevremovic: 49

Xavier: 43

Member Stats:

Guest Posters: 0

Members: 728

Moderators: 7

Admins: 1

Forum Stats:

Groups: 3

Forums: 15

Topics: 1529

Posts: 6471

Newest Members:

ellis87832073466, zkxwilliemae, gabriellabachus, Deakin, KTP25Zof, Wojciech Kubala, efrennowell431, wilfredostuart, caitlynfajardo, jeromechubb7

Moderators: Jouni Aro: 1026, Pyry: 1, Petri: 0, Bjarne Boström: 1032, Jimmy Ni: 26, Matti Siponen: 349, Lusetti: 0

Administrators: admin: 1