Enrolling an OPC UA server as a device in Security Center - Industrial IoT

Industrial IoT Plugin Guide

Applies to
Industrial IoT
Last updated
Content type
Guides > Plugin and extension guides
Industrial IoT

The OPC UA server receives data from devices. The OPC Client plugin turns Security Center into an OPC client, which connects to the OPC UA server to receive events and state changes from the devices. To communicate with an OPC UA server, it must be added to Security Center as a device.

Before you begin

What you should know

You can only enroll one OPC UA server per OPC Client plugin role.


  1. From the Config Tool home page, open the Plugins task.
  2. Select the OPC Client plugin role from the entity browser and click the Devices tab.
  3. Click Add device () and enter the following information:
    Device name
    The name you want of the device entity that will represent the OPC UA server.
    Server name
    The name of the computer on which the OPC UA server resides.
    The address of the server. You can select this server by clicking Discover and navigating to its location on your network. The URL format is opc.tcp://<host>:<port>/, where <host> is the hostname or IP address, and <port> is the TCP port used by the plugin and OPC UA server to communicate.
    Message security
    The security type for messages sent from the OPC UA server. Choose one of the following:
    No security is applied.
    All messages are signed but not encrypted.
    Sign and encrypt
    All messages are signed and encrypted.
    Security policy
    Select the algorithm for how messages from the OPC UA server are signed and encrypted.
    Select the authentication scheme that is required for OPC Client to connect to the OPC UA server. Choose one of the following:
    No authentication required to connect.
    Username and password
    Connect to the OPC UA server using credentials. Enter your username and password.
    NOTE: When you choose this option, the Allow unsecure credentials checkbox appears. Checking this box allows a user's credentials to be transmitted across an insecure channel.
    Choose to connect to the OPC UA server using a certificate. If messages sent from the OPC UA server are signed or signed and encrypted, you must trust the OPC UA server certificate. To do this, after the OPC UA server has been added, navigate to the Connection tab of the device, click View certificate > Trust > Close.
    NOTE: You can also select a certificate and authentication type by clicking Discover in the Add device dialog box, selecting a certificate, and clicking Select.
  4. Click Apply.


The device is displayed in the entity browser, nested under the OPC Client plugin role.