Skip to content

OPC-UA Server

Activate OPC-UA Server

The CMTK supports sending data via OPC-UA as a so-called OPC-UA server. To do this, go from the main dashboard to the settings, in the menu OPC-UA Server.


Main Dashboard.

Activate the function there (OPC-UA active) and save the changes.


OPC-UA Server settings.

Authentication methods

For the authentication between the OPC-UA Server and OPC-UA clients several authentication methods are available in principle. These can be activated or deactivated separately. Parallel use of the different authentication methods is therefore possible.

Anonymous

If this authentication method is enabled, an OPC-UA client can connect without a separate login.

Username/Password

With this authentication method a user name and password are required to connect to the OPC-UA Server. You can define these in the input mask and activate them by Save.


OPC-UA Server Username / Password.

Certificate

It is possible to use a user certificate and corresponding key created by an OPC-UA client for authentication. To do this, you must upload the corresponding user certificate from the client to the CMTK using the corresponding function.


OPC-UA Server Certificate.

Export and renew certificate

The OPC-UA Server of the CMTK can also provide a so-called server certificate that can be imported in an OPC-UA client. You can download it via the function Export certificate. The server certificate issued by the CMTK has a validity of 10 years. It can be renewed manually, in which case existing connections to OPC-UA clients will be disconnected.


OPC-UA Server certificates.

Supported encodings

In principle there are different possibilities for the encryption of the communication between OPC-UA Client and OPC-UA Server. This is selected by the OPC-UA Client. The following encryptions are supported by the OPC-UA Server of the CMTK:

  • None
  • Basic128Rsa15
  • Basic256
  • Basic256Sha256
  • Aes128Sha256RsaOaep

Note

Basic128Rsa15 + Basic256 are classified as deprecated by the OPC-UA Foundation. The use is therefore not recommended.

Note

The OPC-UA Server certificate should not be confused with the OPC-UA Client certificate and the OPC-UA User certificate. These are 3 different certificates.

Note

The server currently accepts any client certificate. The access restriction is regulated by the 3 authentication mechanisms.

OPC-UA message structure, port and data rate

Information about the basic structure of the OPC-UA messages can be found via the Node-Set Info.


OPC-UA Server NODE-SET Info

You will then be shown an example of the address range and the structure of the messages.


OPC-UA Server Address Range.

Note

You can examine the exact structure of the OPC-UA messages with tools like the UAExpert.

Note

Communication takes place via port 4840. This cannot be changed and must be released in your IT network if necessary.

Note

The OPC-UA Server on the CMTK supports a minimum sampling interval of 250 ms, even if you have set a faster data acquisition interval.