Secure Connection with Certificate between OPC UA Driver and Siemens TIA OPC UA Server
First of all protect the project in TIA with User and Password.
Activate the OPC UA Server.
Activate the property “use global security setting for certificate manager”
Choose an security policies
Create a Server Certificate in TIA as following:
Server Certificate is now created.
Export the Server Certificate.
Export the Server Certificate.
Link the Certificate also with the plc communication certifate.
In the User authentication enable the option “enable user name and password authentication” and enter user and password.
Take the OPC UA Server certificate to the zenon project and rename it to PLC-1OPCUA-1-5.der
Create a OPC UA Client and set the “tia”user and the security settings from TIA OPC Server
Copy the OPC UA Server Certificate to the Cert driver folder in the Engineering studio folder
Link the OPC UA Server in the OPC UA Client Configuration
Copy the OPC UA Certifcate “OPCUA32.der” to the OPC UA Server and import the Certificate via TIA portal
add the OPC UA client to the trusted clients in TIA portal
A license has to be also hier chosen
Compile the project and load it to the device (PLCSIM or PLC)
Import the variables from the OPC UA Server
The connection works
Related Articles
FAQ: How can I browse an OPC UA Server using the zenon OPC UA Client Driver?
Go to Drivers > New Driver Create a Driver of Type "OPC UA Client Driver" Open the Driver Configuration Go to "Connections" Create a new Connection Enter your Discovery URL Enter your Server URL manually or click the 3 dots to browse the Discovery ...OPC-UA Server: DNS Name used in certificate created by zenon.
The creation of the DNS name in the OPC-UA Server certificate may vary depending on the zenon build and if the machine is within a Workgroup or is part of a Domain. This information can be verified in the certificate, the certificates files (*.der) ...The OPC UA client driver creates an incorrect self-signed certificate
Summary When a new connection is created in the OPCUA32 client driver a new self signed certificate is automatically created, but the certificate does not contain a SubjectAltname as required for OPC UA application instance certificates. This may ...OPCUA32: OPC UA Client driver does not connect with username / password anymore if the server does not provide a certificate (e.g. as a nano embedded server)
Description The attempt to connect to an OPC UA Server with username and password fails when connecting to a server which does not provide a certificate. The error message reads: "Can not validate URI because proper endpoint has no certificate". But ...The OPC UA client driver does not mark array elements as INVALID when the connection to the OPC UA server is lost
Summary When the option "request array variables on index basis" is disabled in the driver configuration of the OPC UA client driver, the driver does not mark array elements as INVALID when the connection to the OPC UA server is lost. Description ...