Avatar

Please consider registering
guest

sp_LogInOut Log In sp_Registration Register

Register | Lost password?
Advanced Search

— Forum Scope —




— Match —





— Forum Options —





Minimum search word length is 3 characters - maximum search word length is 84 characters

sp_Feed Topic RSS sp_TopicIcon
Connecting to OPCUA server with certification
October 17, 2018
13:28, EEST
Avatar
Akeold
New Member
Members
Forum Posts: 2
Member Since:
October 17, 2018
sp_UserOfflineSmall Offline

I’m able to connect to OPCUA server simulator using a SCADA OPCUA driver client (from indusoft) when selecting None security. But I now I need to test it with security enabled.
On Client side, I can choose from sign or sign&encrypt like OPCUA server has, but after choosing one of these security options and testing the connectivity, I receive a “No valid certificates” message on client side.
So my question is more related on which will be the steps to follow in order to connect with success.
– I see there’s some der files (SimulatorServerCA and SimulationServer der files), so do I have to something with it on client side?
– or do I have to add something on OPCUA server side?
– Which is the process configuration should I consider on client/server side in order to connect with Prosys OPCUA server?

October 17, 2018
19:00, EEST
Avatar
Heikki Tahvanainen
Moderator
Members

Moderators
Forum Posts: 402
Member Since:
April 17, 2013
sp_UserOfflineSmall Offline

Hi,

In OPC UA, every application has an application instance certificate. The client application needs to trust the server certificate and also the server needs to trust the client certificate. The certificates may be signed by a trusted CA (Certificate Authority) or they may be self-signed.

In Prosys OPC UA Simulation Server, certificate handling is done on “Certificates” tab. You can trust the client certificate by right clicking and selecting “Trust”.

To trust the server certificate in the client application, you’ll need to consult the SCADA system manual and find out the process for this specific client application. The client application might prompt users to trust certificates or there may be some other mechanism, for example moving the certificate file from a rejected location to a trusted location. Usually it’s not necessary to manually move the certificate files between hosts, but if it is required, the correct file would be the “SimulationServer.der”.

October 18, 2018
14:54, EEST
Avatar
Akeold
New Member
Members
Forum Posts: 2
Member Since:
October 17, 2018
sp_UserOfflineSmall Offline

Thanks for your support Heikki, it’s clear. Wink

Forum Timezone: Europe/Helsinki

Most Users Ever Online: 267

Currently Online:
13 Guest(s)

Currently Browsing this Page:
1 Guest(s)

Top Posters:

hbrackel: 100

pramanj: 86

ibrahim: 70

kapsl: 57

gjevremovic: 49

TimK: 41

Fransua33: 39

fred: 37

Rainer Versteeg: 32

Thomas Reuther: 26

Member Stats:

Guest Posters: 0

Members: 1058

Moderators: 14

Admins: 1

Forum Stats:

Groups: 3

Forums: 14

Topics: 981

Posts: 4145

Newest Members:

mats989, Sebastien Petitrenaud, sting2005, Ron Hoppe, Seb, p.devito, g.ilengo, MohamedLazrek, brittr83165991, martintinsley9

Moderators: Jouni Aro: 846, Otso Palonen: 32, Tuomas Hiltunen: 5, janimakela: 0, Pyry: 1, Terho: 0, Petri: 0, Bjarne Boström: 523, Heikki Tahvanainen: 402, Jukka Asikainen: 1, Teppo Uimonen: 20, Markus Johansson: 18, Matti Siponen: 31, Lusetti: 0

Administrators: admin: 0