Overview
This page provides a detailed guide on how to establish a secure connection to Kepware with security policies enabled. It includes step-by-step instructions for configuring the necessary settings, activating security features, and verifying successful and secure communication between the client and server.
On this page:
Requirements
To use this feature, the following system requirements must be met.
- KepServerEx V5 (or higher).
- OPC UA Protocol
How to use
The procedure for a successful OPC UA connection is divided into three main steps.
- KepServerEx OPC UA Server Configuration
- Creating certificates for Engineering and Runtime
- Importing client certificates on OPC UA
Steps to configure Kepware with security
1 - Open “KepServer“ and right click in “Project? → “Properties...? and do the following setting.
2 - Right-click on the following icon in the hidden icons section of Windows and select OPC UA Configuration:
3 - Open the OPC UA Configuration, navigate to Instance Certificates and click Export server certificate;
4 - After that, click View server Certificate;
5 - Click Detail to verify the security type;
Note: We need to verify the Signature algorithm, Signature hash algorithm and the public key.
6 - Open the software as administrator, navigate to Devices/Channel section and create a new channel using the OPC UA Client Driver protocol;
7 - Go to Devices/Nodes section and create a new Node
8 - On Devices/Nodes/PrimaryStation, click in Discovery and select the URL you want
9 - In "Custom," set the Application Name to "TRunModule," and configure the Organization Name, Key Size, and Hash Algorithm according to the certificate identified in step 2. Click "Import" and select the Server Certificate that you exported earlier in step 1;
10 - Open the OPC UA Configuration and import the certificates from step 11 and step 10.
Note: The certificates need to be trusted
11 - Return to Devices/Nodes/PrimaryStation and click Test. After that, you will see “Connected”