OmniServer UA Interface Tutorial. A Guide to Configuring the OmniServer OPC UA Server Settings



Similar documents
Kepware Technologies KEPServerEX OPC Tunnel

Update Instructions

OPC Unified Architecture - Connectivity Guide

Update Instructions

Update Instructions

XStream Remote Control: Configuring DCOM Connectivity

1. Open the preferences screen by opening the Mail menu and selecting Preferences...

For paid computer support call

How to Set Up Your. Account

Update Instructions

Instructions for Microsoft Outlook 2003

Recommended KEPServerEX Settings for groov

How to set up Outlook Anywhere on your home system

MultiSite Manager. Setup Guide

Windows Live Mail Setup Guide

USING STUFFIT DELUXE THE STUFFIT START PAGE CREATING ARCHIVES (COMPRESSED FILES)

How To Industrial Networking

Appendix E. Captioning Manager system requirements. Installing the Captioning Manager

MultiSite Manager. Setup Guide

Outlook Profile Setup Guide Exchange 2010 Quick Start and Detailed Instructions

ADFS Integration Guidelines

OPC Server Machine Configuration

Accessing Personal Web Folders Macon State College

Installation Procedure SSL Certificates in IIS 7

SysAid Remote Discovery Tool

XenApp/Citrix Program Neighborhood Installation

1. Open Thunderbird. If the Import Wizard window opens, select Don t import anything and click Next and go to step 3.

How to Install a Network-Licensed Version of IBM SPSS Statistics 19

User Guide Part 7. Status Server

Setup Guide. network support pc repairs web design graphic design Internet services spam filtering hosting sales programming

User Guide for eduroam

Using TLS Encryption with Microsoft Outlook 2007

Exchange Outlook Profile/POP/IMAP/SMTP Setup Guide

Using Device Discovery

Application Note 8: TrendView Recorders DCOM Settings and Firewall Plus DCOM Settings for Trendview Historian Server

How to Pop to Outlook

Neoteris IVE Integration Guide

Setting up VMware ESXi for 2X VirtualDesktopServer Manual

Install and configure server

UNI - WINDOWS. How to... Access your University on your Windows Computer. Introduction. Step 1/1 - Setting Up Your Windows Computer

1. Open the preferences screen by opening the Mail menu and selecting Preferences...

HOW TO CONNECT TO FTP.TARGETANALYSIS.COM USING FILEZILLA. Installation

Exchange Outlook Profile/POP/IMAP/SMTP Setup Guide

Configuring Outlook 2013 For IMAP Connections

Non-ThinManager Components

Using Your New Webmail

How To Configure Using Different Clients

NSi Mobile Installation Guide. Version 6.2

Outlook Express. Make Changes in Red: Open up Outlook Express. From the Menu Bar. Tools to Accounts - Click on Mail Tab.

DocAve Upgrade Guide. From Version 4.1 to 4.5

Outlook Express. Make Changes in Red: Open up Outlook Express. From the Menu Bar. Tools to Accounts - Click on. User Information

Microsoft Exchange Mailbox Software Setup Guide

Outlook Plugin. What is MangoApps for Outlook?

Integrating Trend Micro OfficeScan 10 EventTracker v7.x

Kepware Technologies Remote OPC DA Quick Start Guide (DCOM)

Neoteris IVE Integration Guide

Professional Mailbox Software Setup Guide

RoomWizard Synchronization Software Manual Installation Instructions

MadCap Software. Upgrading Guide. Pulse

Stellar Phoenix Exchange Server Backup

NovaBACKUP xsp Version 12.2 Upgrade Guide

1 Login to your CSUF student account and click on the Settings icon ( ) at the far right.

EM Single Sign On 1.2 (1018)

Windows XP Exchange Client Installation Instructions

E-Notebook SQL13.0 Desktop Migration and Upgrade Guide

CHARTER BUSINESS custom hosting faqs 2010 INTERNET. Q. How do I access my ? Q. How do I change or reset a password for an account?

Configuring the OfficeConnect Secure Gateway for a remote L2TP over IPSec connection

This information is provided for informational purposes only.

Installing and configuring Microsoft Reporting Services

XCM Internet Explorer Settings

Connecting to Staffmail with Outlook 2011 on Mac OS X

Step-by-Step Setup Guide Wireless File Transmitter FTP Mode

3CX PBX v12.5. SIP Trunking using the Optimum Business Sip Trunk Adaptor and the 3CX PBX v12.5

Automatic Setup... 1 Manual Setup... 2 Installing the Wireless Certificates... 18

Install and Configure Oracle Outlook Connector

Secure Outgoing Mail (SMTP) Setup Guide

Use the below instructions to configure your wireless settings to connect to the secure wireless network using Microsoft Windows Vista/7.

MCTS Guide to Microsoft Windows Server 2008 Applications Infrastructure Configuration (Exam # )

Set Up Setup with Microsoft Outlook 2007 using POP3

F O U N D A T I O N. Using OPC via DCOM with Microsoft Windows XP Service Pack 2. Karl-Heinz Deiretsbacher, Siemens AG

Client Configuration Secure Socket Layer. Information Technology Services 2010

Exchange (UCMAIL) Configuration Procedures

How to Connect to Anonyproz OpenVPN Servers in Failover and Switcher Modes

UCO_SECURE Wireless Connection Guide: Windows 8

Introduction to Mobile Access Gateway Installation

User Manual. Onsight Management Suite Version 5.1. Another Innovation by Librestream

QUANTIFY INSTALLATION GUIDE

Microsoft Exchange Mailbox Software Setup Guide

Avaya IP Office SIP Configuration Guide

To begin, visit this URL:

Kepware Technologies Configuring Secured UA Communications Using ClientAce

Upgrading from MSDE to SQL Server 2005 Express Edition with Advanced Services SP2

Microsoft Access Rollup Procedure for Microsoft Office Click on Blank Database and name it something appropriate.

Initial Setup of Microsoft Outlook 2011 with IMAP for OS X Lion

HDAccess Administrators User Manual. Help Desk Authority 9.0

Step-by-Step Setup Guide Wireless File Transmitter FTP Mode

This tutorial provides detailed instructions to help you download and configure Internet Explorer 6.0 for use with Web Commerce application.

Versions Addressed: Microsoft Office Outlook 2010/2013. Document Updated: Copyright 2014 Smarsh, Inc. All right reserved

Introduction to the EIS Guide

How to set up your Secure in Outlook 2010*

Transcription:

OmniServer UA Interface Tutorial A Guide to Configuring the OmniServer OPC UA Server Settings

Page 2 of 14 Table of Contents INTRODUCTION 3 Introduction to OPC UA 3 Introduction to OmniServer 4 Intended Audience 4 Pre-requisites 4 CONFIGURING THE OMNISERVER UA SERVER SETTINGS 5 Defining Endpoints 5 Managing Instance Certificates 6 Enabling Security 8 Creating User Authentication Profiles 9 CONFIGURING THE UNIFIED AUTOMATION TEST CLIENT 11

Page 3 of 14 Introduction Introduction to OPC UA The OPC Unified Architecture, also known as OPC-UA, is the latest open-standard architecture developed by the OPC Foundation to improve and expand interoperability standards in the Industrial Automation Industry. Why do we need a new architecture to begin with? OPC-UA was the result of several advancements and changes in the way data was commonly being accessed and exchanged. Some changes that lead to the need for a new architecture include: Microsoft s COM and DCOM (the basis for previous standards) were deprecated and are now considered legacy technologies Web services gained importance in data exchange between machines and for communications to factory floor devices Earlier specifications were decoupled and did not integrate well, e.g. items in a Data Access server could not communicate directly with items in an Alarms and Events server. OPC-UA is designed for exchanging information in an object-oriented manner, rather than as isolated data points. This increases the accessibility of your plant floor data by letting you re-use information stored in a common object. OPC-UA also incorporates a service-oriented model, which increases interoperability with other platforms and improves security. OPC-UA is not a replacement for existing OPC-DA standards. Because of the layered design of this architecture it includes all the functionality of existing OPC-DA servers, but expands upon their functionality with a common interoperability layer. This interoperability layer unifies information exchange and provides a common interface for controlling processes. What are the benefits of the new architecture? OPC-UA provides a way to connect clients and servers in a secure manner, without relying on Microsoft DCOM. This is a big advantage because it means that you are no longer saddled with the headaches associated with having to configure DCOM. This is because DCOM plays no role in data transport. OPC-UA can also allow users to make secure connections through

Page 4 of 14 firewalls and over VPN connections. In addition, it expands the ability to provide factory floor information to other business systems, as a result of the object-oriented model described above. Introduction to OmniServer The OmniServer is a user configurable server designed to handle communications with devices that use non-standard communications protocols. OmniServer is a fully configurable I/O server which interprets the data coming in from a device and delivers the data to any client program that supports the major information exchanges. OmniServer takes care of all the polling and data parsing for you, and does this without the use of a programming language. All you need to know is how you want to present the data to the outside world. Intended Audience This paper is intended for general audiences, including process control engineers and system integrators, who are interested in learning more about utilizing the OPC-UA capabilities of the OmniServer. This tutorial will show you how to configure the OmniServer OPC UA interface to allow OPC UA clients to connect to access data coming from your non-standard devices. Pre-requisites You will be required to have both the OmniServer 2.7 and the Unified Automation UaExpert Test Client downloaded and installed on your machine. In order to test your client connection to the OmniServer, you will also be required to have a valid OmniServer configuration. You can learn more about configuring the OmniServer in our Introduction to OmniServer guide. You can download the latest version Unified Automation UaExpert test client from here. The instructions and screenshots in the paper were created with version 1.1.0.117 of the UaExpert client.

Page 5 of 14 Configuring the OmniServer UA Server Settings This section will provide a step-by-step guide for configuring the OmniServer UA interface to allow a UA client to connect. 1. Open the Clients section in the configuration Window. 2. Double click on the OPC UA wedge. You can also right click and choose Properties. This will open the OPC UA Configuration Window Defining Endpoints With the OPC-DA Specification, servers were identified by their ProgID. In OPC-UA, this is done through what is called an endpoint, which more closely resembles a URL than the OPC-DA ProgIDs. This endpoint uses a machine name and a port number to identify the server. Different authentication and security settings can also be configured on the endpoint. Any one particular server can have multiple server endpoint definitions. You may want to define multiple endpoints if you want certain clients to connect on certain ports, or if you want some clients to only be able to connect locally, and some to be able to connect remotely. 1. To add a new endpoint definition, click on the Add button. This will open the Endpoint Properties page. 2. Under the General tab, select the Hostname from the drop-down list. The Default option will use the computer name in the endpoint definition and will make the server accessible from a remote client. The Local Only option will create an endpoint that can only be accessed by a UA client on the local machine. For this example, we will make a local only endpoint. 3. Specify the Port number that you want the UA client to connect over. The port number for our example is 27730. 4. You will see the full endpoint definition underneath the port, as shown in Figure 1 below. You will need to know this endpoint definition in order to connect with the client.

Page 6 of 14 Figure 1: Endpoint Definition Managing Instance Certificates All endpoints within a particular server will share the same instance certificate. An instance certificate is a security certificate that grants permissions to clients to be able to connect to the server. This means that user validation is done on a per server instance basis, not per endpoint. Therefore, a client that has the server s instance certificate will be able to connect to any endpoint configured in the server, provided that the client supports the type of encryption that the endpoint employs. Each application that wants to establish a trust with the OPC UA server or client must have the appropriate public and private keys. The private key is protected, while the public key is placed into a certificate of distribution, called the Instance Certificate. Establishing a secure connection requires the client to have the server s certificate, and the server to have the client s certificate. This exchange is only required once for the duration of the certificate s lifetime. OmniServer provides two options for the storage location for Instance Certificates, referred to as the Certificate Store, as seen in Figure 1. The Open SSL Store is the default option and uses the Open SSL Certificate Authority system to manage and store Instance Certificates for OmniServer. Open SSL managed certificates are located at:

Page 7 of 14 C:\Documents and Settings\All Users\Application Data\Software Toolbox\OmniServer\PKI\CA The Windows Certificate Store is the location where all Windows-managed certificates are stored. If you prefer that your OPC UA Instance Certificates for OmniServer be stored in the Windows Certificate Store, select this option. Once you have selected the desired Certificate Store (we will use the default for this example), you can manage the Instance Certificate for OmniServer using the following steps. 1. Click on the Certificate tab in the Endpoint Properties window. You can create a new certificate by clicking on the Create New button. 2. In the Filename field give your certificate a name. We will use the name MyTestCert. 3. Fill in the appropriate information in the Organization, Location, Unit, State, and Country fields to identify your organization. You are not required to fill in any of these fields. Click OK to create the new certificate. Figure 2: New Server Instance Certificate Note: You can view all of the instance certificates (server and client) in the Client Certificates tab of the Endpoint Properties window.

Page 8 of 14 Enabling Security The settings on this tab designate what security policies the OmniServer will support for clients attempting to connect. For instance, by default any OPC UA client that uses Basic 128 Rsa 15 and Basic 256 security will be able to connect. If you select only the None option, any UA client application will be able to connect. 1. Click on the Security tab in the Endpoint Properties window. 2. Select the encryption methods you want to use for the client connection to the OmniServer. The UA client must support the encryption methods you select for it to be able to connect. In this example, we will only allow a client using Basic 256 encryption to connect. Uncheck None and Basic 128 Rsa 15 and leave Basic 256 checked. Figure 3: Enable Security 3. When you are finished configuring your Endpoint, click OK to exit the Endpoint Properties window. You will see your new endpoint added to the Endpoints tab in the OPC UA Configuration window.

Page 9 of 14 Figure 4: New Server Endpoint Creating User Authentication Profiles You can further restrict access to your server by enabling authentication profiles in the OPC UA configuration. Authentication is applied on the server level, meaning that the same authentication will be applied to all configured Endpoints. 1. In the OPC UA Configuration window, click on the Authentication tab. 2. Enable the Require User Authentication checkbox. 3. Click the Add button. 4. Enter a User Name and Password and confirm the password. We will use the User Name Test, and the password Test.

Page 10 of 14 Figure 5: New User Name and Password 5. Click OK. You will see the Username Test appear in the box. Figure 6: New User Authentication Profile 6. Click OK to complete the configuration of the OmniServer UA Client wedge.

Page 11 of 14 Configuring the Unified Automation Test Client This section will provide steps for configuring the Unified Automation UaExpert test client. Note: Configuration steps for other UA client applications may vary. 1. Open the Unified Automation UaExpert Test Client 2. Click on the Add Server button to open the Add Server window. You can also open this window from the menu by going to Server Add. 3. Enter a Configuration Name. We will call ours UA Test. 4. If you have a Discovery Service, you can browse for servers on your network. If you do not have a Discovery Service, proceed to step 5. 5. Click on the Advanced tab in the Add Server window. Enter the Endpoint URL that we configured in the Configuring the OmniServer UA Client Wedge section above. Our endpoint is opc.tcp://127.0.0.1:27730. 6. In the Security Settings section, select the appropriate Security Policy from the drop down. We are using Basic 256, as configured in the previous section. 7. Select the appropriate Message Security Mode from the dropdown. The OmniServer supports both Sign, and Sign & Encrypt modes. For our example, we will select Sign & Encrypt. 8. In the Authentication Settings section, select the Username and Password radio button. Click the Store checkbox to enable the password field. Enter the username Test and password Test that we configured in the OmniServer. 9. Check the Connect Automatically button to attempt to connect to the server once we exit the configuration. Click OK to create your server connection. You can also manually connect by right clicking on the server connection under Servers in the treeview and selecting Connect.

Figure 7: UA Server Connection Configuration Page 12 of 14

Page 13 of 14 10. If this is the first time you have made a connection to the OmniServer, you will receive a pop-up that will prompt you to accept the server certificate. You can view the OmniServer certificate by clicking on View Certificate. Accept the certificate by clicking the Accept the certificate permanently radio button and then click OK. For more information on the client certificate, view the discussion above on Managing Instance Certificates Figure 8: Accept Server Instance Certificate Note: If you are unable to connect to the OmniServer, check the Client Certificates tab in the Endpoint Properties and make sure the UaExpert Client Certificate is not showing in the Rejected list. (This only applies if your OPC UA Client is using Secure Encryption for connecting to OmniServer)

Page 14 of 14 If the OPC UA Client certificate is listed as Rejected, click on the to the trusted list. button to move it Figure 9: Rejected Client Certificate 11. Once you have created the connection to the server, you can browse the OmniServer s address space in the bottom left hand pane of the UA Client. You can monitor a particular tag by dragging and dropping it into the Default DA View window. You can also see detailed properties for the selected tag in the Attribute Window.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information