Configuring an OPC Client Connection

An OPC UA connection is used to communicate with an OPC UA compliant server, such as the one the OPC UA Module provides.
The following steps walk through connecting Ignition (as an OPC UA client) to a OPC UA server.

On this page ...

  1. On the Config tab of the Gateway Webpage, go to OPC Client > OPC Connections. The OPC Server Connections page is displayed.
  2. Click on the Create new OPC Connection.

  3. Select OPC UA from the list and click Next.  The Server Discovery page appears.
  4. Enter an OPC UA endpoint URL for the OPC UA server Ignition should connect to. The format should be as follows:


    Instead of an IP address, a host name can be used: 


    Note: An Advanced Configuration link was added to this flow, allowing you to manually configure connection settings. This is useful in cases where a server doesn't allow anonymous endpoint access, but provides separate discovery endpoints. 

  5. Click Next.
  6. Choose a server, then click Next

  7. Choose an endpoint, then click Next

  8. A Manage Certificate window will open if you haven’t previously trusted a certificate. If the certificate that the Endpoint sends you to is already in Ignition’s trust store, this step is skipped. Trust the Certificate and click Next.

  9. If you entered a discovery URL in step 4, you also have an option to enter another URL if the host is unreachable.

  10. Select a Security Policy and Message Security configuration to use when connecting to the endpoint, then click Finish. The policies that appear here are determined by the server. 

  11. A confirmation page is displayed. Click Finish.

  12. On the New OPC UA Connection Settings page, give the connection a name. Some OPC UA servers may require a username and password, but this is not always the case. Check with the OPC UA server's documentation for more details. Credentials for Ignition's OPC UA server can be found on the Ignition's OPC UA Server page. 

  13. Once credentials have been entered, click the Create New OPC Connection button.

Ignition is now connected to the OPC UA server. 

OPC UA Client Connection Settings

The following table describes all the available properties.


NameA name used to identify this connection.
DescriptionShort description of this connection.
EnabledDisable the connection to the OPC server.
Read-onlyPuts the connection into read-only mode. All writes sent to this server will fail.


UsernameA username the connection will use when authenticating with the UA server.
Password FieldsThe password to use when authenticating with the UA server.


Host OverrideWhen specified, if the endpoint address returned by the OPC server has a different IP address or hostname than the discovered endpoint, the overridden value will be used. Expects just an IP address or hostname, for example:
Connect Timeout

The timeout, in milliseconds, when opening a socket connection to a remote host. Default is 5,000.

Acknowledge Timeout

The timeout, in milliseconds, to wait for an Acknowledge message in response to the client's Hello message. Default is 5,000.

Request TimeoutMaximum amount of time, in milliseconds, to wait for the response to a request. Default is 60,000.
Session TimeoutRequested session timeout value, in milliseconds. Default is 120,000.
Max Per OperationSpecify the maximum number of nodes to read, write, subscribe, or unsubscribe to in any given UA server request. Default is 8,192.
Max References Per Node

Configures the number of references per node. A "node" in this case is any item inside of a UA server, so items like tags and folders would qualify as a node, while a References is simply a reference to another node. This setting is useful in situations where the address space is completely flat, so a large number of adjacent nodes could potentially run into a maximum message size. In these cases increasing the value of this property can be useful.

However, most systems will not need to change this setting. Defaults to 8,192 references.

Max Pending Publish Requests

The number of concurrent Publish Requests allowed to be pending at any given time. Default is 2.

Max Notifications Per PublishThe maximum number of notifications per publish. Default is 65,535.
Max Message SizeThe maximum allowable size of an OPC UA application layer message. Default is 33,554,432.
Max Array LengthThe maximum allowable size for arrays. Default is 2,147,483,647.
Max String Length

The maximum allowable size for strings. Default is 2,147,483,647.

Type Dictionary Fragment SizeThe fragment size to request when reading the server's type dictionary. Default is 8,192.
Keep-Alive Failures AllowedNumber of consecutive failures allowed before disconnecting. Setting this to <= 0 means consecutive failures will not cause a disconnect. Default is 1.
Keep-Alive IntervalInterval, in milliseconds, between keep-alive requests.
Keep-Alive TimeoutMax duration, in milliseconds, to wait for a response to a keep-alive request. Default is 10,000.
Browser Origin

The Node that browsing should originate from. Options are OBJECTS_FOLDER or ROOT_FOLDER. Most OPC UA Servers use OBJECTS_FOLDER, but some non-standard servers may require ROOT_FOLDER to browse correctly. Ignition's OPC UA Servers uses OBJECTS_FOLDER.


Failover EnabledEnable failover on the connection, allowing the UA client to switch to a backup server in the event the primary server is unavailable.
Failover ThresholdThe number of retry attempts before the failover connection is used. The default is 3.

Failover Discovery URL

The discovery URL for the backup server's OPC UA server. Expects the following format:

Failover Endpoint URL

The endpoint of the failover server. Example:

Failover Host OverrideWhen specified, if the endpoint address returned by the failover OPC server has a different IP address or hostname than the discovered endpoint, the overridden value will be used. Expects just an IP address or hostname. Example:


Certificate Validation Enabled

The following feature is new in Ignition version 8.1.0
Click here to check out the other new features

Enables validation of server certificates. This is required by the OPC UA specification, but it may be disabled for troubleshooting or temporarily connecting to servers with invalid or untrusted certificates. Default is true.

Caution: Disabling certificate validation compromises the security of the connection.

KeyStore AliasThe alias of the certificate and private key stored in the client KeyStore.
Password FieldsThe password to use when authenticating with the UA server.

Failover Versus Backup Properties 

The Failover properties should be used when a single Ignition Gateway needs to connect to a pair of redundant OPC UA servers. The failover OPC UA server will be used in the event the primary OPC server goes down. To enable failover, set the Failover Enabled property to true, and specify the Failover Endpoint. The Failover Threshold can be adjusted if desired.

Note: Failover events are "sticky." That means once control has moved to a backup OPC UA server, it stays there until that server fails.

  • No labels