OPC UA Client Connection Settings
Configuring an OPC Client Connection​
An OPC UA connection is used to communicate with an OPC UA compliant server, such as the one the OPC UA Module provides.
The following steps walk through connecting Ignition (as an OPC UA client) to a OPC UA server.
On the Config tab of the Gateway Webpage, go to OPC Client > OPC Connections. The OPC Server Connections page is displayed.
Click on the Create new OPC Connection.
Select OPC UA from the list and click Next. The Server Discovery page appears.
Enter an OPC UA endpoint URL for the OPC UA server Ignition should connect to. The format should be as follows:
opc.tcp://IpAddress:PortAlternatively, you can use a host name instead of an IP address:
opc.tcp://myServer:12345noteAn Advanced Configuration link was added to this flow, allowing you to manually configure connection settings. This is useful in cases where a server doesn't allow anonymous endpoint access, but provides separate discovery endpoints.
Click Next.
Choose a server, then click Next.
Choose an endpoint, then click Next.
A Manage Certificate window will open if you haven’t previously trusted a certificate. If the certificate that the Endpoint sends you to is already in Ignition’s trust store, this step is skipped. Trust the Certificate and click Next.
If you entered a discovery URL in step 4, you also have an option to enter another URL if the host is unreachable.
Select a Security Policy and Message Security configuration to use when connecting to the endpoint, then click Finish. The policies that appear here are determined by the server.
A confirmation page is displayed. Click Finish.
On the New OPC UA Connection Settings page, give the connection a name. Some OPC UA servers may require a username and password, but this is not always the case. Check with the OPC UA server's documentation for more details. Credentials for Ignition's OPC UA server can be found on the Ignition's OPC UA Server page.
Once credentials have been entered, click the Create New OPC Connection button.
Ignition is now connected to the OPC UA server.
OPC UA Client Connection Settings​
The following tables describe all the available properties.
Main​
| Property | Description |
|---|---|
| Name | A name used to identify this connection. |
| Description | Short description of this connection. |
| Enabled | Disable the connection to the OPC server. |
| Read-only | Puts the connection into read-only mode. All writes sent to this server will fail. |
Authentication​
| Property | Description |
|---|---|
| Username | A username the connection will use when authenticating with the UA server. |
| Password Fields | The password to use when authenticating with the UA server. |
Advanced​
| Property | Description |
|---|---|
| Host Override | When specified, if the endpoint address returned by the OPC server has a different IP address or hostname than the discovered endpoint, the overridden value will be used. Expects just an IP address or hostname, for example: 192.168.1.10 |
| Connect Timeout | The timeout, in milliseconds, when opening a socket connection to a remote host. Default is 5,000. |
| Acknowledge Timeout | The timeout, in milliseconds, to wait for an Acknowledge message in response to the client's Hello message. Default is 5,000. |
| Request Timeout | Maximum amount of time, in milliseconds, to wait for the response to a request. Default is 60,000. |
| Session Timeout | Requested session timeout value, in milliseconds. Default is 120,000. |
| Max Per Operation | Specify the maximum number of nodes to read, write, subscribe, or unsubscribe to in any given UA server request. Default is 8,192. |
| Max References Per Node | Configures the number of references per node. A "node" in this case is any item inside of a UA server, so items like tags and folders would qualify as a node, while references simply means a reference to another node. This setting is useful in situations where the address space is completely flat, so a large number of adjacent nodes could potentially run into a maximum message size. In these cases decreasing the value of this property can be useful. However, most systems will not need to change this setting. Defaults to 8,192 references. |
| Max Pending Public Requests | The number of concurrent Publish Requests allowed to be pending at any given time. Default is 2. |
| Max Notifications Per Publish | The maximum number of notifications per publish. Default is 65,535. |
| Max Message Size | The maximum allowable size of an OPC UA application layer message. Default is 33,554,432. |
| Max Array Length | The maximum allowable size for arrays. Default is 2,147,483,647. |
| Max String Length | The maximum allowable size for strings. Default is 2,147,483,647. |
| Type Dictionary Fragment Size | The fragment size to request when reading the server's type dictionary. Default is 8,192. |
| Keep-Alive Failures Allowed | Number of consecutive failures allowed before disconnecting. Setting this to <= 0 means consecutive failures will not cause a disconnect. Default is 1. |
| Keep-Alive Interval | Interval, in milliseconds, between keep-alive requests. |
| Keep-Alive Timeout | Max duration, in milliseconds, to wait for a response to a keep-alive request. Default is 10,000. |
| Browser Origin | The Node that browsing should originate from. Options are OBJECTS_FOLDER or ROOT_FOLDER. Most OPC UA Servers use OBJECTS_FOLDER, but some non-standard servers may require ROOT_FOLDER to browse correctly. Ignition's OPC UA Servers uses OBJECTS_FOLDER. |
Failover​
| Property | Description |
|---|---|
| Failover Enabled | Enable failover on the connection, allowing the UA client to switch to a backup server in the event the primary server is unavailable. |
| Failover Threshold | The number of retry attempts before the failover connection is used. The default is 3. |
| Failover Discovery URL | The discovery URL for the backup server's OPC UA server. Expects the following format: opc.tcp://hostname:port |
| Failover Endpoint URL | The endpoint of the failover server. Example: opc.tcp://192.168.1.0:62541 |
| Failover Host Override | When specified, if the endpoint address returned by the failover OPC server has a different IP address or hostname than the discovered endpoint, the overridden value will be used. Expects just an IP address or hostname. Example: 192.168.1.10 |
Security​
| Property | Description |
|---|---|
| Certificate Validation Enabled | ​ New in 8.1.0 Enables validation of server certificates. This is required by the OPC UA specification, but it may be disabled for troubleshooting or temporarily connecting to servers with invalid or untrusted certificates. Default is true. Caution: Disabling certificate validation compromises the security of the connection. |
| KeyStore Alias | The alias of the certificate and private key stored in the client KeyStore. |
| Password Fields | The password to use when authenticating with the UA server. |
Failover Versus Backup Properties​
The Failover properties should be used when a single Ignition Gateway needs to connect to a pair of redundant OPC UA servers. The failover OPC UA server will be used in the event the primary OPC server goes down. To enable failover, set the Failover Enabled property to true, and specify the Failover Endpoint. The Failover Threshold can be adjusted if desired.
Failover events are "sticky." That means once control has moved to a backup OPC UA server, it stays there until that server fails.