The OPC UA Gateway
software consists of OPC UA GW
itself and its configuration tool "UaGateway Configuration"
that are both contained in a single installation package. After the installation, there are two available tools:
UaGateway Administration - can be used for setting up the OPC UA Gateway and for certificate management
UaGateway Configuration - can be used for setting up the access to OPC UA Gateway and corresponding OPC UA servers
- OPC UA GW must be installed including the Third-Party software that contains the support for classic OPC. The installation allows to enable preset port (4850) in the firewall.
This tool is used for OPC UA Gateway
setup, certificate management, etc.
- after the installation, the UAGateway Administration tool is launched automatically.
- on its first launch a dialog is displayed in order to create certificate for the UA Gateway application
- after the certificate for UA Gateway is created another dialog is shown in order to create certificate for UaGateway Configuration application.
- this UaGateway Configuration certificate is automatically set as trusted for OPC UA Gateway (can be checked in the UaGateway Administration tool on the "Cerfiticates" tab).
- it is necessary to define the user account to be used for launching the OPC UA GW service (Warning: the user account must be password protected).
- in OPC UA Gateway, on the Channels page, it is possible to define connections to OPC servers: OPC UA servers, classic OPC DA, OPC AE, OPC HDA
After the initial setup the UaGateway ConfigurationTool
can be launched in order to define the OPC UA
servers connections of the UA Gateway.
Connection to the OPC UA Gateway
- add new UaGateway (click "Add" in UaGateway menu).
- in the add UaGateway window doubleclick the item and enter the address and port (default opc.tcp://localhost:4850).
- select the corresponding item from connection list (if the address is entered correctly and the UaGateway is running then the connection options are displayed).
- for debugging and testing purposes select the no-security option (None - None)
- for real applications select the high-security option (e.g. Basic256 - Sign & Encrypt)
- check "Connect Automatically" and press OK.
This way you connect to the OPC UA Gateway and can continue with server(s) setup to be connected to the OPC Gateway.
OPC UA servers connection configuration
- in the "Device Address Space" window select item OPC UA servers
- in the right portion of the window click the "Add server" button
- in open dialog window for adding UA server doubleclick the item in order to enter address and port of OPC UA server (respect regular/CAPITAL letters in name).
- from the displayed list of OPC UA server security options select security level (high security level is recommended, e.g. "Basic256 - Sign & Encrypt").
- OPC UA Gateway can also work the opposite direction, i.e. from OPC to OPC UA (it is also possible to use two OPC UA GW as a tunnel for classic OPC if there are problems with network OPC)
Certificate setup on OPC UA server
If the OPC UA Gateway certificate is not trusted by the UA server then "Server Status" indicates "Lost connection, trying reconnect".
- in order to solve this problem it is necessary to set the certificate for UA Gateway as trusted on the OPC UA server side
- if the OPC UA Gateway certificate appears in the list of rejected certificates then it must be transferred among trusted certificates
- (e.g. for Unified Automation OPC UA Demo server move the corresponding certificate from folder "Users\All users\Unified Automation\UaAnsiServer\pki\rejected" into folder "Users\All users\Unified Automation\UaAnsiServer\pki\trusted\certs").
- once the certificate is set as trusted the OPC UA server status changes to "Connected".
- if the server status is "Connected" then the communication between OPC UA server and OPC UA Gateway is working and it is possible to continue by creating an application with classic OPC communication, where the OPC server will be represented by "OPC UA Gateway".
OPC UA GW manufacturer (and worldwide distributor):