Enrolling an OPC UA server as a device in Security Center

Enrolling an OPC UA server as a device in Security Center - Industrial IoT 4.4.2.4

Industrial IoT Plugin Guide 4.4.2.4

Applies to

Industrial IoT 4.4.2.4

Last updated

2022-10-12

Content type

Guides > Plugin and extension guides

Language

English

Product

Industrial IoT

Version

4.4

The OPC UA server receives data from devices. The OPC Client plugin turns Security Center into an OPC client, which connects to the OPC UA server to receive events and state changes from the devices. To communicate with an OPC UA server, it must be added to Security Center as a device.

Before you begin

Make sure you understand how OPC Unified Architecture works.
Install your OPC UA server and related devices, and verify that they function correctly.
Verify that the OPC Client plugin role is displayed in the entity browser. If it is not displayed, install the OPC Client plugin now.

What you should know

You can only enroll one OPC UA server per OPC Client plugin role.

Procedure

From the Config Tool home page, open the Plugins task.
Select the OPC Client plugin role from the entity browser and click the Devices tab.
Click Add device () and enter the following information:

Device name

The name you want of the device entity that will represent the OPC UA server.

Server name

The name of the computer on which the OPC UA server resides.

Server

The address of the server. You can select this server by clicking Discover and navigating to its location on your network. The URL format is opc.tcp://<host>:<port>/, where <host> is the hostname or IP address, and <port> is the TCP port used by the plugin and OPC UA server to communicate.

Message security

The security type for messages sent from the OPC UA server. Choose one of the following:

None

No security is applied.

Sign

All messages are signed but not encrypted.

Sign and encrypt

All messages are signed and encrypted.

Security policy

Select the algorithm for how messages from the OPC UA server are signed and encrypted.

Scheme

Select the authentication scheme that is required for OPC Client to connect to the OPC UA server. Choose one of the following:

Anonymous

No authentication required to connect.

Username and password

Connect to the OPC UA server using credentials. Enter your username and password.
NOTE: When you choose this option, the Allow unsecure credentials checkbox appears. Checking this box allows a user's credentials to be transmitted across an insecure channel.

Certificate

Choose to connect to the OPC UA server using a certificate. If messages sent from the OPC UA server are signed or signed and encrypted, you must trust the OPC UA server certificate. To do this, after the OPC UA server has been added, navigate to the Connection tab of the device, click View certificate > Trust > Close.
NOTE: You can also select a certificate and authentication type by clicking Discover in the Add device dialog box, selecting a certificate, and clicking Select.
Click Apply.

Results

The device is displayed in the entity browser, nested under the OPC Client plugin role.

After you finish

Adding data points to OPC Client devices or entities.