Skip to main content
Version: 2.6

OPC-UA Driver Configuration

Plugin Configuration

The plugin configuration file is named settings.json located in <install directory>\Config\HumanOS.UHAL.OpcUaControl\. It contains all global settings of the plugin.

See Generic Plugin Configuration for more details.

Intermediate Data

The device driver puts different data to the folder .\Data\HumanOS.UHAL.OpcUaControl.

  • Log: log files when activating trace log
  • CertificateStore: certificates (auto generated, trusted, issuer, rejected)

Device Information File

The device information file is used to configure the access to the OPC-UA devices. It contains:

  • Id: unique device id (GUID), which MUST match the device license id.
  • DriverId: F022EE3C-A2A5-428A-B588-46ABACAE39EE
  • Address: Connection address
  • Data Access
  • Commands
  • Alarm Events

See Device Information Model for more details.

Connection Address

The connection address is in URL notation. It starts with opc.tcp:// followed by hostname and optional port.

opc.tcp://localhost:4840

Additional Properties

Additional properties help to configure the client-server connection.

NameDescriptionData Type
opc:SecuritySelectionSecurity protocol selection of the endpoints: (None: no security requested (default); BestAvailable: select the best available security)System.String
opc:CertificateHandlingHandling of server certificates: (Strict: only trusted certificates allowed (default); AcceptAll: do not check the certificates)System.String
opc:StoreTypeSpecifies the store type, either 'Directory' or 'Windows', if left empty the 'Directory' type is takenSystem.String
opc:CertificatePathSpecifies the certificate path depending on the store type, see HumanOS® OpcUaServer manual for configuration.System.String
opc:CertificateTrustedPathFor StoreType Windows: Specifies path to trusted certificates.System.String
opc:CertificateIssuerPathFor StoreType Windows: Specifies path to issuer certificates.System.String
opc:CertificateRejectedPathFor StoreType Windows: Specifies path to rejected certificates.System.String
opc:CertificateSubjectFor StoreType Windows: Specifies the application certificate subject name e.g. CN=servercert/O=myorg/DC=myhostSystem.String
opc:AutoGenerateClientCertificateAutomatically generates a client application certificate for the connecting device client. Default is false.System.Boolean
UserName[opt] Username to login. Used to authenticate with username and password.System.String
Password[opt] Password of the user. Used to authenticate with username and password.System.String
opc:ClientCertificate[opt] Client certificate for authentication. Name of certificate (filename or subject name in windows store)System.String
opc:ClientCertificatePassword[opt] Client certificate password unused for authentication. Optional password.System.String
opc:EnableTraceLog[opt] Enabling the trace logger of the UaClientSystem.Boolean
opc:UseDiscoveredEndpointUrl[opt] Set to 'true' to connect with the discovered endpoint url, otherwise the Url of the server address is used to prevent NAT issuesSystem.Boolean

Notes for certificates and Windows Store:

IMPORTANT

Remember that some locations in 'LocalMachine' require UAC privileges and therefore can only be accessed if the software runs in an elevated context or the permissions are set correctly on the private key. If e.g. the error One or more errors occurred. (Keyset does not exist) is thrown, this means that either the keyset really doesn't exist, or the permission is not sufficient. To set the permission open certlm, navigate to the certificate, right click on it -> all tasks -> manage private keys and add the user or usergroup with read permission. Remember that locations like LocalMachine\Root cannot be permission edited.

Example with basic authentication and no secure connection:

{
"Name": "SiemensOpcUaControl",
"Id": "6ae9da3f-4606-4c78-9eb3-aa70cebcb571",
"DriverId": "F022EE3C-A2A5-428A-B588-46ABACAE39EE",
"Address": "opc.tcp://localhost:48050",
"Properties": [
{
"Name": "UserName",
"Value": "Guest"
},
{
"Name": "Password",
"Value": "Guest"
},
{
"Name": "opc:SecuritySelection",
"Value": "None"
},
{
"Name": "opc:CertificateHandling",
"Value": "AcceptAll"
}
]
}

Example with store based certificate secure connection:

{
"Name": "SiemensOpcUaControl",
"Id": "6ae9da3f-4606-4c78-9eb3-aa70cebcb571",
"DriverId": "F022EE3C-A2A5-428A-B588-46ABACAE39EE",
"Address": "opc.tcp://localhost:48050",
"Properties": [
{
"Name": "opc:CertificateHandling",
"DataType": "System.String",
"Value": "Strict"
},
{
"Name": "opc:StoreType",
"DataType": "System.String",
"Value": "Windows"
},
{
"Name": "opc:CertificatePath",
"DataType": "System.String",
"Value": "LocalMachine\\My"
},
{
"Name": "opc:CertificateTrustedPath",
"DataType": "System.String",
"Value": "LocalMachine\\Trust"
},
{
"Name": "opc:CertificateIssuerPath",
"DataType": "System.String",
"Value": "LocalMachine\\Root"
},
{
"Name": "opc:CertificateRejectedPath",
"DataType": "System.String",
"Value": "LocalMachine\\Disallowed"
},
{
"Name": "opc:CertificateSubject",
"DataType": "System.String",
"Value": "CN=MyCert/O=myorg/DC=myhost"
},
{
"Name": "opc:SecuritySelection",
"DataType": "System.String",
"Value": "BestAvailable"
}
]
}