Creating an OPC UA Connection

Before you can use Open Platform Communications Unified Architecture (OPC UA) for data connectivity in GENESIS, you need to set up a connection between your OPC UA server and your FrameWorX server.

For more details on OPC and OPC UA protocols, refer to OPC Introduction and Getting the OPC UA Server URL.

To establish a connection between GENESIS and an OPC UA Server, you need the following prerequisites:

  • An OPC UA server with an open network port or on the same machine as GENESIS is installed and running. We recommend using a certificate for secure communication.

  • The OPC UA application is included in your GENESIS project in the Workbench. For more information on managing applications in your project, refer to Application(s) Settings Overview
  • The GENESIS OPC UA Point Manager service is running.

To create an OPC UA connection in Workbench:

  1. Open Workbench and in Project Explorer, expand your project > Data Connectivity > OPC UA.

    Workbench - Expand Connections

  2. Double click OPC UA Connections and in the Connections panel of the OPC UA Connections dialog, select Click here to add new item.

    Workbench - Tab OPC UA Connections

  3. In Connection Settings in Name, enter a unique name of the OPC connection.

  4. In Server URL, enter the URL that consists of the following elements:

    • Protocol, which is opc.tcp.
    • Domain name, such as myopcserver.mycompanydomain.com. If the OPC UA Server runs on the same machine, use localhost.

    • Port number that was set up in the OPC UA server configuration properties. In the example, it is 52250.

      The port 52250 is specific to DeviceXPlorer OPC Server.

    Example: opc.tcp://localhost:52250/

    It represents the local instance of DeviceXPlorer OPC Server, listening on port 52250.

  5. In Preferred Endpoint, click next to the field to download all available endpoints, and then select the desired endpoint from the drop-down list.

    Workbench - OPC UA endpoints

  6. Click Test Connection. When the Success message is displayed, click OK.

    OPC UA - Successful Test Connection

    If asked, select to trust the server certificate. In this setting, it is necessary to allow the connection. Learn more

    In some cases, you may be required to copy the certificates to the OPC Foundation folder. Learn more

  7. Complete the following fields in the Connection Settings section.

    • Fallback To: Defines what happens in case the preferred endpoint is not found—whether the connection should use the most secured or the least secured (or unsecured) endpoint. For the production environment, select Fallback to the maximum security available.
    • Disable Domain Check: When unselected, the domain name contained in the server certificate must match the domain name in the Server URL parameter. Selecting the check box disables this test; although it is less secure, it may be the only option in case the server certificate contains a domain, such as mycompany.com, while the Server URL contains the IP address of the server.

    • Browsing Mode: Specifies how the point names for the given server should be constructed, whether they should be based on the node IDs, or on the browse paths.

      • Always Node ID: The point names will contain node IDs, which directly identify the objects in the server. It is the recommended option as it is fast and reliable. However, the node IDs are not guaranteed to be human-readable (this depends on the server implementation).
      • Always Browse Path: The point names will be based on the browse path, which defines how to get to the given object. The browse paths are hierarchical and human-readable but they must be translated to node IDs before you can use them, which may be a lengthy operation for many servers.
      • String Node ID, otherwise Browse Paths: A combination of the two options above. The node ID is used in case it is in a text format, otherwise the browse path is used.
    • Authentication Mode: Defines how the UA server authenticates a user. This is server-dependent; user support is optional. For DeviceXPlorer OPC Server, you can leave it as Anonymous.
      • Anonymous: There is no user support or no user should be logged in.
      • Username and Password: Users are authenticated by their credentials.

      • Certificate: Users are authenticated by their certificate.

        This is a different certificate than the one for communication encryption. This certificate identifies the actual user as a person.

  8. Edit the default settings in the Other Settings, Limits per Call, and Advanced Timeout Settings sections as desired, and then click Apply.

  9. Verify the connection using one of the following tools:

    • Data Browser: You can view the connection details in Workbench immediately after applying the settings. Learn more
    • Data Explorer: You can also view the values of the OPC UA tags. Learn more
    • GraphWorX: You can view the current value of the selected OPC UA tag in a GraphWorX display. Learn more