|title||Ignition version 7.8 and up|
Ignition 7.8 and up
|title||Ignition version 7.7 and prior|
Ignition 7.7 and prior
The Add OPC Server Connection Step 1: Choose Type page is displayed.
Choose OPC-UA as the connection type, and click Next.
Name: Kepware, the name you specify here will appear under Devices folder on the Quick Client page in the Gateway.
Host: localhost, if the Kepware server is hosted on your own machine, otherwise, use the actual IP address of the machine.
Port: 49320, is the default port.
Go to the Server Endpoints tab, check the URL to ensure it shows your localhost and the 49320 port, and click Close.
Go back to the New OPC Server Connection page, make sure you have the following default settings:
Security Policy: Basic128Rsa15
Message Security Mode: SignAndEncrypt
If Status does not read Connected, click the edit link next to the server connection, scroll down to the bottom of the connection configuration page, and click Save. If Status is still reading something other than Connected, click the OPC Connection Status link at the bottom of the OPC Server Connections page and see if there are any useful messages to help troubleshoot the issue. Also, ensure your firewall is not blocking traffic on the port that KEPServerEX is using to communicate.
The failover Kepware OPC-UA server works the same as the OPC-UA server with the exception that you need to have two copies of Kepware setup, preferably on different servers. The failover Kepware OPC-UA server will be used in the event the primary Kepware server goes down. To enable failover, check the box to Show advanced properties in the New OPCUA Connection Settings, set the Failover Enabled property to 'true,' and specify the Failover Endpoint.
The Backup properties should be used when a pair of redundant Ignition Gateways are trying to look at the same Kepware OPC-UA server. Both the Backup Discovery URL and Backup Endpoint URL properties need to be configured.
For additional information on Failover, refer to OPC-UA Connections and Settings.
No Anonymous Token Policy Found
When connecting to KepServer, some versions may not allow anonymous connections by default. This typically means you need to specify user credentials for Ignition to use in the OPC-UA server connection. Alternatively, individual Kepware Projects can allow anonymous login. For more information, take a look at KepServer's documentation.
Other UA Servers
While the above example is specific to KEPServerEX, the same concepts apply to connecting to any other third party OPC server that accepts OPC-UA client connections. The only difference may be in the way that the certificates are accepted on the server.
The Ignition OPC-UA server sends the client certificate to the third party OPC server when it tries to make the connection, however if the OPC server is not designed to expect these certificates then there may not be a straight forward way to accept them. In these cases you can manual download a client ticket from Ignition and supply it to the OPC server in the appropriate manner.
To Download a Client Certificate Manually
- Go to Configure section in the Gateway.
- Select OPC-UA > Certificate from the left side of the page. The Manage Certificates page is displayed.
- In the This Gateway tab, click the download link under Ignition OPC-UA Client, and save the certificate somewhere to disk. This certificate is then supplied to your third-party OPC server in a way specific to that server. For more information, check the respective server's documentation.