Configuring OPC UA Server Security Modes

Starting with Niagara 4.14 to secure data, you need to configure the Security Mode and the Server Security Certificate used by the server to sign and encrypt communication messages. You must select the Server Security Certificate from the Niagara Key Store.

  • A self-signed certificate, or a CA signed certificate in the User Key Store is required for this procedure. For more details refer the “Generating an OPC UA Server Certificate” .

  • Niagara 4.14 or later version is required to support certificate-based authorization.

  1. In the Workbench Nav tree, expand Config > Drivers, right-click the OpcUaServer and click Views > Property Sheet.
    The Property Sheet opens.

  2. Click the check box to select the Security Mode and Security Policies.
    Note: It is recommended to use the SignEncrypt mode and Basic256Sha256 policy for high security.
  3. In the Cert Alias And Password property, click the drop-down Alias to select the Server Security Certificate and enter the private key Password.
  4. To save your changes, click Save.