Create image and EcoStruxure Machine Expert project and set communication parameters:
|
Step |
Action |
|---|---|
|
1 |
Create a new controller image with the . See . |
|
2 |
Save newly created image on the CompactFlashTM card by using the . See . |
|
3 |
Create a new EcoStruxure Machine Expert project with the same controller type as saved on the CompactFlashTM card and the same firmware version. See |
|
4 |
Adjust the communication parameters of the controller in the EcoStruxure Machine Expert project correctly so that a login on the controller is possible. |
Publish symbols with OPC UA:
|
Step |
Action |
|---|---|
|
1 |
Add the object to the project by selecting under by using the EcoStruxure Machine Expert editor . |
|
2 |
Double-click the object and display the symbol configuration by using the button. |
|
3 |
Activate the symbols that shall be published in and change the user rights, if necessary. |
Start the OPC UA server:
|
Step |
Action |
|---|---|
|
1 |
Activate the OPC UA server via the SystemInterface.FC_OpcUaStart(",") function. More information on this function can be found under FC_OpcUaStart. |
Example:
Start the OPC UA server via the SystemInterface.FC_OpcUaStart()
diResult: DINT;
diResult := Systeminterface.FC_OpcUaStart(i_sUser := sUser, i_sPassword := sPassword);
The communication between the OPC UA server and the OPC UA client can be secured optionally by an encryption. In addition, a user name and password request can be activated.
To set up an encrypted connection between the OPC UA server and the OPC UA client, the following steps have to be performed:
Depending on the required "Security Policy" and "Message Security Mode", check or uncheck the checkbox
Define trusted certificates
Proceed as follows (see also ):
|
Step |
Action |
|---|---|
|
1 |
In the , double-click the controller. |
|
2 |
Select to open the tab. |
|
3 |
In the section, check or uncheck the checkbox , depending on the required "Security Policy" and "Message Security Mode". Checkbox unchecked:
Checkbox checked:
|
The OPC UA server and the client have to trust the public key of the other participant in order to be able to establish an encrypted connection. By default, the OPC UA server mistrusts every public key.
The client certificates that can be trusted must be located in a trusted certificates list. In order to allow the OPC UA server to trust the client and accept a connection, you have to move the respective client certificate from the rejected certificates list to the trusted certificates list.
Proceed as follows to move a rejected certificates list to the trusted certificates list (see also Client certificate management):
|
Step |
Action |
|---|---|
|
1 |
In the , double-click the controller. |
|
2 |
Select to open the tab. |
|
3 |
In the toolbar, click to get the server certificate data from the OPC UA client. Result: The OPC UA client server certificate data is displayed in the rejected certificates list. |
|
4 |
Click << to move a server certificate from the rejected certificates list to the trusted certificates list. Result: The status of the client certificate has changed to trusted. |
With the SystemInterface.FC_OpcUaGetServerConfig() function the current server configuration can be read out.
More information on this function can be found under FC_OpcUaGetServerConfig.
The OPC UA server can be stopped via the SystemInterface.FC_OpcUaStop() function.
More information on this function can be found under FC_OpcUaStop.