UaGDS
1.0.1
|
This manual is an online reference and also contains general information about how to use the UaGDS. Please read the Introduction to UaGDS first before you start.
UaGDS manages the security aspects of OPC UA applications in a network. The centralized approach simplifies the security configuration and administration. It enables the use of OPC UA security and application discovery in larger OPC UA deployments.
The UaGDS product consists of a central UaGDS network service and a UaGDS configuration tool. The UaGDS network service is an OPC UA server that implements a Discovery Service and a Certificate Management Service. Both services are compliant with the OPC UA Discovery and Global Services specification. The certificate management includes a built-in CA for certificate signing and the Pull and Push management for certificate and trust list updates.
Any OPC UA application either client or server can register at the UaGDS and, after being approved, create signing request with the UaGDS's built-in CA. All UA applications that belong to the same security scope thereafter only need to trust the CA in order to trust all OPC UA applications that have been signed by this CA. After the initial on-boarding with the UaGDS the OPC UA application is automatically managed via the UaGDS, hence there is no further manual interaction required. The OPC UA applications will automatically be updated with security certificates, trust lists and revocations.
The configuration tool allows remote configuration using only OPC UA interfaces. It provides a monitoring view for a quick status overview, a configuration view for application management and provides administration functionality for the general UaGDS and CA configuration.
You can install and run a UaGDS in your machine, in your production cell or in your production line depending on the trust relation of the involved OPC UA applications. You could also run UaGDS in the production hall or the complete facility.
Key features:
After the Installation of the UaGDS network service and the UaGDS configuration tool, the initial Administration steps must be executed to prepare the UaGDS for normal operation.
The registration and Pull certificate management for an OPC UA client is described step by step for UaExpert.
The registration and Push certificate management for an OPC UA server is described step by step for the OPC UA C++ Demo Server.
This manual also provides the following sections: