OPC UA Server Configuration

In the Engineering Environment, navigate to the Info > Settings tab, and look for the OPC Server Runtime configuration. Select the OPC UA, and click on Settings.

An OPC Server configuration dialog will open that will request admin privileges. In the configuration manager, we can configure Endpoint characteristics for the server, manage Client certificates, and create a certificate for the Server.

Endpoints

In this tab, you can define the Endpoints in which the OPC Server will be deployed, select the Security Policies, and enable/disable anonymous user log in.

Clicking on the Add or Edit buttons will open a popup that allows the user to select the IP Address and Port number. Its also possible to define the IP for a specific network adapter that is available in the system. This can guarantee some security to your OPC; like making it inaccessible for anyone outside of your network.

It is important to make sure the defined ports are not blocked by the OS firewall.

The OPC Server's user management is done by the project's Security Module. The existing Users and Runtime Users, and their associated passwords, can be used to allow client connection.

Client Certificates

In this tab, you can import Client Certificates and choose to Trust or Reject them.

The list will display all Clients Certificates that were imported and their current trust status.

Server Certificate

In this tab, you can view the details of the Server Certificate, export the file (to import and trust the OPC Client), and Reissue it.

When the Reissue option is selected, all existing trust relationships that depended on the Server Certificate will be invalidated.

Project Runtime

Once all the configurations are done, you can launch the Project to test the communication exchange. Remember to have the OPC Server Module enabled in Run > Startup.

Open your OPC Client of choice (that is trusted by the OPC Server) and connect to the Endpoint defined to it. If all your configuration was done correctly, you should see the following Folders in the Server Address Space:

• Tag: Contains the Project Tags with properties based on the Visibility (defined in Edit → Objects).

1. Public: Can be read and write in your OPC
2. Protected: Can only be read
3. Private: will not be seen or browsed.

• Device: Information of the existing communication Nodes [Read-Only].
• Info: Contains the following subfolders:

1. License: Details on the current license applied to the Project Server [Read-Only].
2. Module: Details on every Module of the Product (Alarms, Scripts, Report, etc) [Read-Only].
3. Project: Project information available at Info → Version [Read-Only].
4. ProjectSettings: Project information available at Info → Settings [Read-Only].

• Server: Information available at the Server Namespace (ComputerIP, PrimaryIP, IsRedundancyEnabled, etc) [Read-Only].

TroubleShoot

The status of the Server can be observed through the Diagnostic tools, which are:

• Trace Window: Enable the OPC Server and Debug CheckBoxes (in the settings menu) to visualize all information about this Module.
• Module Information: Here you should be able to see the following information:
  • State: Whether the Server is running, paused or stopped state.
  • Available Items: Amount of variables in the Address Namespace.
  • Last Error: Last error message that happened in the connection.
  • Last Error Timestamp: Timestamp when the last error happened.
  • OPC Clients Connected: Amount of clients connected to the Server.
  • OPC Client: Individual information for each client connected (Name, Identity and Connection Time).