You're currently browsing the Ignition 8.0 docs. Click here to view the latest docs.


On the OPC UA security page you can manage OPC UA certificates for the client and server. Trusted certificates can be imported and quarantined certificates can be marked as trusted. 


On this page ...

Trusted Certificates on the Client

When viewing the Client tab, you’re viewing the certificates trusted by the Gateway, as a UA client. In the screenshot below, you can see that this client trusts the certificate named "Ignition OPC UA Server."


Trusted Certificates on the Server

When viewing the Server tab, you’re viewing the certificates trusted by the server, meaning the Gateway's OPC UA server. In the screenshot below, you can see that this server trusts the certificate named "Ignition OPC UA Client."

Managing Certificates

The steps for managing trusted certificates are the same whether you're on the Client tab or the Server tab.

Upload a Trusted Certificate 

To upload a trusted Certificate, do the following.

  1. Click the Client Tab or Server Tab, depending on the what certificate you're uploading.
  2. Click the Browse button.
  3. Navigate to the location of of certificate on your system and click Open. (Alternatively, you can drag the certificate file onto the page where it says "Drag files here.")
  4. If the upload was successful, you'll see the name of the certificate and the message "Upload Successful!" The certificate will appear in the Trusted Certificates list.


Download a Trusted Certificate

To download a trusted certificate, do the following.

  1. Next to the certificate name, click the Download  icon.
  2. The certificate is downloaded to your system by your web browser. 

Delete a Trusted Certificate 

To delete a trusted certificate, do the following.

  1. Next to the certificate name, click the Delete action button.
  2. The certificate is deleted. 

To view more information about a trusted certificate, click the More Info  icon. 

OPC UA Security Page Details

Trusted Certificates
Common NameName of the certificate.
SHA-1 Fingerprint

The SHA-1 (Secure Hash Algorithm 1) fingerprint is the unique identifier of the certificate.

ExpirationDate the certificate will expire.
Additional Information
CCommon Name
OOrganization, usually the legal incorporated name of a company.
OUOrganizational Unit
LLocality (Town or City)
STState
CCountry, the two-letter ISO code for the country where the organization is located.


Quarantined Certificates

If you import a certificate that is not trusted, it will appear on the Quarantined Certificates list. 

Accept a Quarantined Certificate 

To accept a quarantined certificate, do the following:

  1. Next to the certificate name, click the Trust action button.
  2. The certificate is accepted and will appear in the Trusted Certificates list. 



  • No labels