Skip to content

OPC-UA Client

Activate OPC-UA client and connect to server

The CMTK can also receive data from an OPC-UA Server as OPC-UA Client. You can activate this function in the Settings section and in the OPC-UA Client tab.


OPC-UA client settings.

Endpoint Url

The CMTK can currently connect to 1 OPC-UA Server. To do this, enter the address of the OPC-UA Server under Endpoint Url. This has the format:

opc.tcp:// "IP address or hostname of the OPC-UA server": "Port of the OPC-UA server".

A corresponding example is: opc.tcp://cmtk-inn1:4840

Note

The endpoint url can also contain a specific path in the form "/path_to_data" after the port specification.

Note

You can currently only connect to one OPC-UA Server.

Validation of the server certificate

For security reasons a validation of the certificate of the OPC-UA Server is activated by default. You have to upload the corresponding certificate before connection or alternatively you can deactivate the validation.


OPC-UA client certificate validation.

Connection with OPC-UA Server

As soon as you have made all necessary settings you can connect to the OPC-UA Server by Save. If successful, the connection will be shown in the status label.


OPC-UA client connection status.

Note

With some machine controls the connection setup can take up to 10 s.

Security and encryption of communication

To prevent manipulation of the communication by third parties, various mechanisms are available to ensure the authenticity and confidentiality of the transmitted messages. You can set these under the item Message Security. There is a choice between:

  • Car
  • None
  • Sign
  • SignAndEncrypt

By default you should use "Sign" or even "SignAndEncrypt" if possible. Sign" is used for communication with signed messages, while "SignAndEncrypt" additionally encrypts the messages. "None", on the other hand, offers no protection whatsoever and should only be used in exceptional cases. With the option "Auto" the communication is done automatically with the highest mechanism supported by the OPC-UA Server. To be able to sign or encrypt the messages in case of "Sign" or "SignAndEncrypt" you have to select a corresponding security algorithm under Security Policy. Here you have the following selection options.

  • Car
  • None
  • Basic128Rsa15
  • Basic256
  • Basic256Sha256
  • Aes128Sha256RsaOaep
  • Aes256Sha256RsaPss

With the option "Auto" the security algorithm with the highest security supported by the OPC-UA Server is automatically selected. In case of "None" no security algorithm is used.

Authentication

In principle, the OPC-UA Client of the CMTK supports three authentication mechanisms for communication with an OPC-UA Server.

Anonymous

With this authentication method the connection to the OPC-UA Server is established without a separate login. No further settings are required for this. These are to be made on the OPC-UA Server.

Username/Password

This authentication method requires a user name and password to connect to the OPC-UA Server. These are set by the OPC-UA Server. You can enter the information in the input mask.


OPC-UA Client Username / Password.

Certificate

The OPC-UA Client in the CMTK can provide a certificate that can be imported into an OPC-UA Server. This is a so-called user certificate. You can download the certificate via the function *Export client certificate *. It has a validity of 10 years and can be renewed manually, in which case existing connections will be disconnected.


OPC-UA Client Certificate.

Add node

To receive data from the OPC-UA Server you still have to add the corresponding nodes for the data. To do this click on the function Add node. In the field Node Id you have to enter the Node Id assigned in the OPC-UA Server for the corresponding data. The Node Id is composed of a namespace index ns (a number) and a so-called identifier i, s, g or b (number, character string, a so-called GUID or a byte string). An example looks as follows:

`Node Id: ns=1;s=port1.Vibration Velocity RMS v-RMS Y`


Add OPC-UA client node.

Mode

Under Mode you can define whether you want to subscribe to the data from the OPC-UA Server or read it cyclically. In the cyclic read mode the values are read in a fixed interval. You can define the readout interval in seconds in the field cyclic readout interval. The minimum is 1 s. In subscribe mode, the readout takes place with every value change. This can also be done faster than 1x per second. Finally, under Actions, you must click on the check mark to complete the addition of the node. The data should then be saved in the database and are available e.g. in the visualization.

Note

The time setting on the OPC-UA Server should be checked and updated if necessary, since the time stamp of the data is determined by the server.

Note

The number of nodes is currently limited to 10.

Note

Currently the Node Id does not support special characters like @, "".