
Centralized OPC UA Certificate Deployment via GDS Push Management

In a previous article, OPC UA Local Discovery Servers (LDS) were introduced.

Global Discovery Servers (GDS) provide discovery features similar to those of Local Discovery Servers, but they can also manage security certificates on multiple OPC UA servers from a single point.

This article demonstrates “GDS Push Management”, which allows security certificates to be “pushed” to an OPC UA server device.

Introduction

There is a good introduction to OPC UA discovery servers in this article from Unified Automation:

https://documentation.unified-automation.com/uasdkdotnet/2.5.2/html/L2UaDiscoveryConnect.html

Background

Before following the steps in this article, you should understand:

Procedure

For this example, the network setup is as follows:

OPC UA Server: AXC F 2152 FW 2020.6.1
IP address: 192.168.1.10
DNS name: axc-f-2152-1

OPC UA Client: Debian 10 PC

The PLC IP address and DNS name will be used throughout this article, but of course you should modify these for your own application.

Set up PLC DNS name

If your network does not include a DNS server, edit the hosts file on the OPC UA client machine.

The hosts file is located in the following directory:

Add the following new DNS entry to the hosts file on the OPC UA Client machine (substituting the IP address and DNS name of your PLC):

192.168.1.10 axc-f-2152-1

Check that the entry is correct by pinging the DNS name (not the IP address) of the PLC from the OPC UA client machine.
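
A ping only shows that some host answers under that name. The following shell function is an added example, not part of the original article: it checks which address a hosts file actually assigns to the PLC's DNS name and flags a missing entry or a name that maps to an unexpected or second address. The hosts-file path is passed as an argument; the sample file, the `plc1` alias and the `axc-f-2152-2` entries are constructed for illustration.

```shell
#!/bin/sh
# Added example: verify how a hosts file maps the PLC's DNS name.
# check_hosts_entry FILE NAME EXPECTED_IP
#   returns 0 if NAME maps only to EXPECTED_IP,
#           1 if NAME has no entry,
#           2 if NAME maps to another or to more than one address.
check_hosts_entry() {
    hosts_file=$1; name=$2; want=$3
    # Collect every address whose line lists NAME (host names are
    # case-insensitive; text after '#' is a comment).
    addrs=$(awk -v n="$name" '
        { sub(/#.*/, "") }
        NF >= 2 {
            for (i = 2; i <= NF; i++)
                if (tolower($i) == tolower(n)) { print $1; break }
        }' "$hosts_file" | sort -u)
    if [ -z "$addrs" ]; then
        echo "MISSING: no entry for $name"
        return 1
    fi
    if [ "$addrs" = "$want" ]; then
        echo "OK: $name -> $want"
        return 0
    fi
    echo "CONFLICT: $name -> $(echo $addrs | tr ' ' ',') (expected $want)"
    return 2
}

# Constructed sample hosts file (not taken from a real machine).
write_sample_hosts() {
    cat > "$1" <<'EOF'
127.0.0.1      localhost
# 192.168.1.99 axc-f-2152-1   (commented out: ignored)
192.168.1.10   AXC-F-2152-1 plc1   # PLC from this article
192.168.1.20   axc-f-2152-2
192.168.1.30   axc-f-2152-2        # stale duplicate
EOF
}

sample=$(mktemp)
write_sample_hosts "$sample"
check_hosts_entry "$sample" axc-f-2152-1 192.168.1.10 || true
check_hosts_entry "$sample" axc-f-2152-2 192.168.1.20 || true
check_hosts_entry "$sample" axc-f-2152-3 192.168.1.40 || true
rm -f "$sample"
```

Run it against the client's own hosts file before connecting, so that certificate management in the later steps is directed at the intended PLC.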

Install the OPC UA client software

This example uses UaExpert from Unified Automation:

https://www.unified-automation.com/products/development-tools/uaexpert.html

Download and install UaExpert on the OPC UA client machine.

Configure the OPC UA Server in PLCnext Engineer

  1. In PLCnext Engineer, in the OPC UA configuration window, in the Security section, set:
    • “Certificate” to Provided by OPC UA GDS.
    • “IdentityStore name” to OpcUaGdsIdentityStore.
    • “TrustStore name” to OpcUaGdsTrustStore.
  2. Write the PLCnext Engineer project to the PLC.
  3. In the Web-Based Management system, the new Identity Store and Trust Store can now be seen on the “Certificate Authentication” page.

Configure the OPC UA Client

  1. Open UaExpert and connect to the OPC UA server in the usual way (not using a discovery server).
  2. In UaExpert, use the “Document -> Add…” menu to add a “GDS Push View” document.

You can now manage security certificates on the PLC, as an alternative to using the Web-Based Management window. It is also possible to create and download self-signed certificates from this view, as an alternative to using XCA.

Conclusion

The GDS Push Management feature, demonstrated here using UaExpert, can be used today with all PLCnext Control devices.

Other OPC UA GDS implementations are provided by:

