Working with the OPC UA Server
This topic contains the following subtopics
oReading the Server Configuration and Stopping the Server
|
Step |
Action |
|---|---|
|
1 |
Create a new controller image with the Controller Assistant. See Controller Assistant > Edit image / Create new image. |
|
2 |
Save newly created image on the CompactFlashTM card by using the Controller Assistant. See Controller Assistant > Load... / Save. |
|
3 |
Create a new EcoStruxure Machine Expert project with the same controller type as saved on the CompactFlashTM card and the same firmware version. See New project... |
|
4 |
Adjust the communication parameters of the controller in the EcoStruxure Machine Expert project correctly so that a login on the controller is possible. |
|
Step |
Action |
|---|---|
|
1 |
Add the object Symbol configuration to the project by selecting Context menu > Add object > System configuration... under Application by using the EcoStruxure Machine Expert editor Application Tree. |
|
2 |
Double-click the Symbol configuration object and display the symbol configuration by using the Create button. |
|
3 |
Activate the symbols that shall be published in Symbol configuration and change the user rights, if necessary. |
|
Step |
Action |
|---|---|
|
1 |
Activate the OPC UA server via the SystemInterface.FC_OpcUaStart(",") function. More information on this function can be found under FC_OpcUaStart. |
Example:
Start the OPC UA server via the SystemInterface.FC_OpcUaStart()
diResult: DINT;
diResult := Systeminterface.FC_OpcUaStart(i_sUser := sUser, i_sPassword := sPassword);
The communication between the OPC UA server and the OPC UA client can be secured optionally by an encryption. In addition, a user name and password request can be activated.
To set up an encrypted connection between the OPC UA server and the OPC UA client, the following steps have to be performed:
oOnly allow secure sessions
oDefine trusted certificates
|
Step |
Action |
|---|---|
|
1 |
In the Devices tree, double-click the controller. |
|
2 |
Select OPC UA server configuration > General settings to open the General settings tab. |
|
3 |
In the Security settings section, activate the option Only allow secure sessions. |
Define Trusted Client Certificates
The OPC UA server and the client have to trust the public key of the other participant in order to be able to establish an encrypted connection. By default, the OPC UA server mistrusts every public key.
The client certificates that can be trusted must be located in a trusted certificates list. In order to allow the OPC UA server to trust the client and accept a connection, you have to move the respective client certificate from the rejected certificates list to the trusted certificates list.
|
Step |
Action |
|---|---|
|
1 |
In the Devices tree, double-click the controller. |
|
2 |
Select OPC UA server configuration > Client certificate management to open the Client certificate management tab. |
|
3 |
In the toolbar, click Load to get the server certificate data from the OPC UA client. Result: The OPC UA client server certificate data is displayed in the rejected certificates list. |
|
4 |
Click << to move a server certificate from the rejected certificates list to the trusted certificates list. Result: The status of the client certificate has changed to trusted. |
User Name and Password Request
|
Step |
Action |
|---|---|
|
1 |
In the Device tree, double-click the controller. |
|
2 |
Select OPC UA server configuration > General settings to open the General settings tab. |
|
3 |
In the Security settings section, activate the option User password always required. Only a login with a user name and password is allowed. NOTE: User name and password are transferred in the FC_OpcUaStart (“User name”, “Password”). |
Reading the OPC UA Server Configuration
With the SystemInterface.FC_OpcUaGetServerConfig() function the current server configuration can be read out.
More information on this function can be found under FC_OpcUaGetServerConfig.
The OPC UA server can be stopped via the SystemInterface.FC_OpcUaStop() function.
More information on this function can be found under FC_OpcUaStop.
