OPC UA Certificates

To establish a secure connection, you need to create and install an X.509 certificate on the SM server machine and on the OPC UA client machine.

Configure a secure connection

  1. Select OPC UA > Certificates.

  2. Click the sm opcua generate certificate Generate Certificate button.

  3. Enter the Certificate details and click the OK button.

    smc opcua Certificate details

  4. Save the certificate to a folder and click the OK button. Two subfolders are created:

    • certs

    • private

    smc opcua Certificate folder

  5. Copy the certificate to the OPC UA client machine

  6. Discover the server from the OPC UA client. This will load the certificate from the server.

    smc opcua Discover server

  7. Configure a connection to the server from the OPC UA client and select Trust Server Certificate.

    smc opcua Cert trusted

  8. Open Site Settings > OPC UA Certificates and click the sm opcua icon12 Refresh button. The client certificate is shown in the To be approved box.

  9. Select the client certificate to be approved and click the sm opcua Approve Approve button. The certificate moves to the Approved box.

    smc opcua Certificate approve

  10. Open the OPC UA client and under the discovered server select Authentication settings.

  11. Select the Certificate and Private Key that you copied from the SM server machine and click the OK button.

    smc sc Certificate Authentication

  12. Connect the client and enter the server password (if applicable).

    smc sc Enter Password

  13. Open Site Settings > OPC UA Certificates and click the sm opcua icon12 Refresh button. The user certificate is shown in the To be appproved box.

  14. Select the user certificate to be approved and click the sm opcua Approve Approve button. The certificate moves to the Approved box.

    smc opcua User Certificate approve

  15. Open the OPC UA client and connect to the server.

The client can now access the lighting control system with a secure connection to the System Manager OPC UA server.