Please consider registering

sp_LogInOut Log In sp_Registration Register

Register | Lost password?
Advanced Search

— Forum Scope —

— Match —

— Forum Options —

Minimum search word length is 3 characters - maximum search word length is 84 characters

sp_Feed Topic RSS sp_TopicIcon
Connecting to OPCUA server with certification
October 17, 2018
13:28, EEST
New Member
Forum Posts: 2
Member Since:
October 17, 2018
sp_UserOfflineSmall Offline

I’m able to connect to OPCUA server simulator using a SCADA OPCUA driver client (from indusoft) when selecting None security. But I now I need to test it with security enabled.
On Client side, I can choose from sign or sign&encrypt like OPCUA server has, but after choosing one of these security options and testing the connectivity, I receive a “No valid certificates” message on client side.
So my question is more related on which will be the steps to follow in order to connect with success.
– I see there’s some der files (SimulatorServerCA and SimulationServer der files), so do I have to something with it on client side?
– or do I have to add something on OPCUA server side?
– Which is the process configuration should I consider on client/server side in order to connect with Prosys OPCUA server?

October 17, 2018
19:00, EEST
Heikki Tahvanainen
Forum Posts: 402
Member Since:
April 17, 2013
sp_UserOfflineSmall Offline


In OPC UA, every application has an application instance certificate. The client application needs to trust the server certificate and also the server needs to trust the client certificate. The certificates may be signed by a trusted CA (Certificate Authority) or they may be self-signed.

In Prosys OPC UA Simulation Server, certificate handling is done on “Certificates” tab. You can trust the client certificate by right clicking and selecting “Trust”.

To trust the server certificate in the client application, you’ll need to consult the SCADA system manual and find out the process for this specific client application. The client application might prompt users to trust certificates or there may be some other mechanism, for example moving the certificate file from a rejected location to a trusted location. Usually it’s not necessary to manually move the certificate files between hosts, but if it is required, the correct file would be the “SimulationServer.der”.

October 18, 2018
14:54, EEST
New Member
Forum Posts: 2
Member Since:
October 17, 2018
sp_UserOfflineSmall Offline

Thanks for your support Heikki, it’s clear. Wink

Forum Timezone: Europe/Helsinki

Most Users Ever Online: 518

Currently Online:
8 Guest(s)

Currently Browsing this Page:
1 Guest(s)

Top Posters:

Heikki Tahvanainen: 402

hbrackel: 142

pramanj: 86

Francesco Zambon: 83

rocket science: 82

Ibrahim: 76

Sabari: 62

kapsl: 57

gjevremovic: 49

Xavier: 43

Member Stats:

Guest Posters: 0

Members: 704

Moderators: 7

Admins: 1

Forum Stats:

Groups: 3

Forums: 15

Topics: 1482

Posts: 6316

Newest Members:

samui, TommyDab, wross, Jeremyknock, Pedromon, DonaldEdism, Miguelplese, Scotanine, katesalas95, Petertum

Moderators: Jouni Aro: 1015, Pyry: 1, Petri: 0, Bjarne Boström: 994, Jimmy Ni: 26, Matti Siponen: 330, Lusetti: 0

Administrators: admin: 1