For a generic explanation of the configurations for the Device Module, Channels, Nodes, and Points, please refer to the reference guide.

Summary Information

Communication Driver Name: OPC UA Client Implementation DLL: T.ProtocolDriver.OPC UA.dll Protocol: OPC Proprietary

Interface: OPC Proprietary

Description: OPC UA Client implements communication with local and remote OPC Servers. The communication blocks are dynamically created according to the pooling cycle defined on the Access Type for each Device Point.

OPC Servers Supported: Any OPC Server compatible with OPC UA specification.

Protocol Options: Node.

Max Number of nodes: User defined.

PC Hardware requirements: Node.


OPC UA Certificate Configuration

UA security is based on X509 Certificates. Each UA server and client application requires a certificate with the ApplicationUri of the application.

Typically, UA servers can be configured with certificate validation disabled. Any proper certificate is accepted in this mode; it does not have to match the application.

There are two ways to generate Client Certificates for the OPC UA Client. A Quick method, which uses default values, and a custom one.

Quick Setup

This certificate creation method uses pre-defined parameters for the certificate. These parameters are described below.

  • Application Name:  TRunModule.
  • Organization Name: TATSOFT.
  • Domain Name: Domain name for the certificate validation.
  • LifeTime: 12 Months.
  • Hash Algorithm: Sha1.
  • KeySize: Rsa1024.

In Devices > Nodes, the user can access this feature by clicking on the Default button. The certificate will automatically be saved in the /ProgramData/?ProductName?. Click on the Test button to check the connection.

The Client certificate should be imported / trusted on the OPC Server side.

Custom Setup

In Devices > Nodes, the user can access this feature by clicking on the Custom button. The ClientCertificateHelper application should open. Fill the input fields and save the certificate file.


The Client certificate should be imported / trusted on the OPC Server side.


See below steps to solve the "Error: No available certificate supports the specified security profile: Parameter name: securityProfileUri."


This error occurs when the security parameters of the Server certificate do not match those of the Client certificate. For example, on our server, we have the following certificate; if any of the parameters are incorrect when generating the Client certificate, the error will appear (we were able to reproduce the error in our lab).

Below, we will demonstrate the correct steps for using the OPC Server with security certificates:

1. Generate the OPCUA Server certificate.

2. Double-click the certificate and view the "Details" to verify the security type and the size of the Public Key (as shown in the previously displayed picture).

3. In "C:\ProgramData\WEGnologyEDGESuite," delete all the files. You can make a backup if desired. (If the 'certs' folder cannot be deleted because it is in use, just delete the files inside it.)

4. In WES, go to Devices > Nodes and select the desired URL.

5. In "Custom," configure the Application Name as "TRunModule." Set the Organization Name, Key Size, and Hash Algorithm according to the certificate identified in step 2, select the Server Certificate, and click OK. Add the Client Certificate that will appear, and choose where to save it in the folder "C:\ProgramData\WEGnologyEDGESuite."

6. Repeat step 5, but set the Application Name as "TManager."

7. On the OPCUA Server, import the two Client Certificates and mark them as trusted.

8. Click "Test" in WES, and you should see "Connected."


Channel Configuration

Protocol Options

There is no channel configuration required for OPC UA Client channels.


Node Configuration 

Station Configuration

The station parameters are:

  • Service URL: Defines the location of the OPC E.g.: opc.tcp://127.0.0.1:49300
  • Domain: String containing the domain for security credential.
  • UserName: String containing the user name for security credential.
  • Password: String containing the user password for security credential.
  • Windows Authentication: Flag indicating if Windows Authentication security should be used.
  • Disable Security: Flag indicating if security is disabled. (Security Policy set to None in OPC Server).
  • Refresh Rate: Server Update rate.
  • All Items Same Group: Flag indicating if the driver should add all items to the same OPC group, and only one connection is created with the OPC Server.
  • Enable Read Pooling: Flag indicating whether reading is done by pooling.
  • Read From Device: Force all reads made from device.
  • Use Timestamp From Computer: Use timestamp from computer instead of device.

You can use the Discovery button to search for the OPC Servers located in a specific IP address and port. If the port number is left empty, the utility will look for Servers on pre-defined ports (4840, 49320, 62841, 4845, 49380).


Importer Tool

You can import existing variables directly into your Project by clicking on the Import Button.

With this tool, you can choose which Branch from the OPC Server namespace will be accessed and filter the variables that will be imported. The Tags and Points will be created automatically.



Point Configuration

Address

Choose the OPC Server item that will communicate with the Project Tag. You can type the OPC Server item name into the textbox, or you can browse the OPC Server items in the Cell Editor.


For OPC Array DataTypes, you should add the Array Element of index 0 to the TagName field and set the Array field under the Modifiers column to match the array size.

For automatic address mapping when using arrays in your project and addresses in OPC Server that follows the syntax: ItemName[0 ... n], you can add the Main Array element without index in the TagName column.


TagProvider

This Communication Protocol supports the TagProvider feature, which is a tool that allows you to access your Communication Device Data Model without creating any Project Tags.

For more information, please refer to the TagProvider document. 

How to Configure

To configure the OPC UA protocol as a TagProvider, navigate to Edit > Tags > Providers, and create a new provider for the CanaryLabs protocol.

Configure the items under the PrimaryStation column the same way that was described in the Node Configuration.


Each OPC Server can have its own Branch and Attribute separator. To make sure you have the TagProvider correctly configured, make sure to have clicked on the Test button at least once with a Success return message.


Troubleshoot

The status of the driver execution can be observed through the diagnostic tools, which are:

  • Trace window
  • Property Watch
  • Module Information

Status value of 0 (zero) means communication success. Negative values indicate an internal driver error and positive values means protocol errors code.

  • No labels