dOPC Client Toolkit
Close
OPC UA & Security

OPC UA connections can be SSL encrypted. Security in OPC UA is handled using certificates. A certificate represents an OPC UA Client or Server. Both servers and clients maintain a trust list to know which servers and clients can establish a connection. The UA Client requests a connection to the UA Server and sends over its certificate. The UA Server checks its list to see if that UA Client is on the list and either accepts or rejects the connection. The UA Server sends its certificate to the UA Client, which checks its trusted list to verify the UA Server's status. If both are on their respective trusted lists, a secure connection is established. Please note that by default, the dOPCUAClient component accepts every OPC UA server. If you wish to change this behavior, please refer to our sample program located at \ua-core\UASecurity. You can find more information here: https://opcconnect.opcfoundation.org/2020/06/exploring-opc-ua-security-concepts/ 

Normally we have no problems connecting to OPC UA servers. However, there are often problems when you want to establish a secure connection. One problem, for example, is that the OPC client has to be manually trusted by the OPC server. 

Please check it first with our dOPC Explorer. You can download a version from: 

https://www.kassl.de/downloads/opc/trial/Kassl-dOPC-Explorer-Trial.zip 

Please note: You must manually trust a new OPC UA client on the OPC UA service side. Please refer to your OPC server documentation on how to trust an OPC client. 

UAExpert works because this client is often trusted by default on the server side. 

After the dOPC Explorer has been trusted, it should connect to your OPC UA server.If it works with the dOPC Explorer, it should also work with the dOPC Client Toolkit,because the dOPC Explorer is completely developed with the Toolkit. 

Please have a look at 

https://www.kassl.de/opc-help/ua_client_TdOPCUAClient_OnGetCertificate.html 

https://www.kassl.de/opc-help/ua_client_TdOPCUAClient_SecurityMode.html 

https://www.kassl.de/opc-help/ua_client_TdOPCUAClient_UserLogin.html 

Please also have a look at 

https://www.kassl.de/opc-help/FAQ.html (Section: How do I create certificates for my OPC UA client program?) 

In the "demo\ua-core" folder you will find the following sample programs that work with certificates. 

DA-UA parameters 

UACoreSampleClient 

UASecurity 

If you still have problems connecting to your OPC UA server, please send us a demo version of your OPC server if possible.

Kassl GmbH Copyright © 2024. All rights reserved.