UA Server SDK C++ Bundle
1.4.1.271
|
The Unified Automation C++ Server SDK provides different options for server configuration.
The figure Options for product specific configuration gives an overview of the SDK classes designed for this purpose.
The SDK provides the following classes:
The class ServerConfig is the interface used by the SDK to access product specific configuration settings.
The class ServerConfigData implements the interface ServerConfig and provides configuration settings through the settings stored in the member variables of the class.
The class ServerConfigXml loads the settings from an XML file and stores them in the members of ServerConfigData.
These classes offer the following options for integrating product specific configuration settings.
A Product specific XML configuration file is loaded by the helper class ServerConfigXml. For more information, see XML Configuration File. An example for this file is included with the SDK: [Installation Directory]/bin/ServerConfig.xml
A Product specific INI configuration file is loaded by the helper class ServerConfigIni. For more information, see INI Configuration File. An example for this file is included with the SDK: [Installation Directory]/bin/ServerConfig.ini
The settings are loaded from an existing product configuration data base and stored in ServerConfigData members. This requires the implementation of a product specific class for loading the configuration settings, which is derived from ServerConfigData.
An XML based example configuration file can be found in [Installation Directory]/bin
.
The element <Trace>
stores the trace settings for the OPC UA Stack and OPC UA Application. It contains the following child elements:
Element | Description | Default |
---|---|---|
UaStackTraceEnabled | Enable or disable the UA stack trace; possible values are true or false. | false |
UaStackTraceLevel | The UA stack trace level; possible values are
| NONE |
UaAppTraceEnabled | Enable or disable the UA server application trace; possible values are true or false | false |
UaAppTraceLevel | The UA server application trace level; possible values are
| NoTrace |
UaAppTraceMaxEntries | The maximum number of trace entries in one file | 100000 |
UaAppTraceMaxBackup | The maximum number of backup files | 5 |
UaAppTraceFile | The trace file; [Application Path] can be used as a placeholder for the path to the server application, e.g. [ApplicationPath]/srvTrace.log . | Set by define SERVERCONFIG_SERVERTRACEFILE |
TraceEvents | Setting to allow clients to get the SDK trace outputs for trace levels
See getTraceEventSettings for more details. | History |
This part of the configuration defines the OPC UA communication endpoints for the server and their security configurations.
The configuration information for each Endpoint has to be stored in a separate XML element <UaEndpoint>
using the child elements described later on.
The following code gives an example for a completely configured endpoint.
Element | Description | Default | ||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
SerializerType | The data type encoding for network transport; currently, only Binary is supported | — | ||||||||||||||||||||||||
Url | URL of the Endpoint; this URL is used for Discovery and to open the Endpoints in the UA stack if no StackUrl is configured. [NodeName] can be used as placeholder for the computer name. | — | ||||||||||||||||||||||||
StackUrl | Optional URL that allows to define a specific address the stack should use to bind to, e.g. opc.tcp://192 .168.0.15:48010. It can be used to bind the endpoint to a specific network card or to localhost only. | — | ||||||||||||||||||||||||
SecuritySetting | Each supported security setting has to be stored in a separate XML element <SecuritySetting> containing the following child elements:
| — | ||||||||||||||||||||||||
IsVisible | Flag indicating if the endpoint is provided in GetEndpoints and is therefore visible to a client. | true | ||||||||||||||||||||||||
IsDiscoveryUrl | Flag indicating if the endpoint URL is provided as discovery URL. | true | ||||||||||||||||||||||||
AutomaticallyTrustAllClientCertificates | This option can be activated if certificates are only used for message security but not for application authentication. If set to true, all client certificates will be accepted automatically and will not be stored. It is strongly recommended to use this option only together with user authentication. | false | ||||||||||||||||||||||||
SecurityCheckOverwrites | Some of the OPC UA security checks are optional in OPC UA or cause interoperability issues with older OPC UA clients and can be disabled by an administrator of the OPC UA server through the following configuration options (create a separate child element for each check to enable/disable).
| |||||||||||||||||||||||||
CertificateStore | Certificate store used for PKI certificate handling; different Endpoints can have different stores and different server certificates. See the separate table for child elements. |
Element | Description | Default | |||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
OpenSSLStore | File based certificate store used with OpenSSL; [ApplicationPath] can be used as placeholder for the application path.<OpenSSLStore> has the following child elements:
| — | |||||||||||||||||||||||||||
WindowsStore | [ApplicationPath] can be used as placeholder for the application path.<WindowsStore> has the following child elements:
| — | |||||||||||||||||||||||||||
GenerateCertificate | Enable or disable server certificate creation if no certificate is available; possible values: true or false . | false | |||||||||||||||||||||||||||
CertificateSettings | Settings for a certificate generated by the server; the information is stored in the following child elements:
|
Element | Description | Default |
---|---|---|
MaxRequestAge | The maximum age of a request (in milliseconds) the server allows. | 0 (unlimited) |
MaxSessionCount | The maximum number of sessions allowed by the server; ; 0 is unlimited. | 100 |
MaxSessionsPerClient | The maximum number of sessions the server allows per client; 0 is unlimited. | 0 |
MinSessionTimeout | The minimum timeout for a session (in milliseconds) the server allows to set; 0 is unlimited. | 10000 |
MaxSessionTimeout | The maximum timeout for a session (in milliseconds) the server allows to set; 0 is unlimited. | 3600000 |
MaxBrowseContinuationPoints | The maximum number of Browse Continuation Points managed by a session. | 0 (using internal default settings) |
MaxBrowseResults | The maximum number of Browse results for one browse operation. | 0 (using internal default settings) |
MaxNodesToBrowse | The maximum number of nodes to browse the server will accept. | 0 (unlimited) |
MaxHistoryContinuationPoints | The maximum number of History Continuation Points managed by a session. | 0 (using internal default settings) |
MinPublishingInterval | The minimum publishing interval (in milliseconds) the server allows. | 50 |
MaxPublishingInterval | The maximum publishing interval (in milliseconds) the server allows. | 0 (no limitation) |
MinKeepAliveInterval | The minimum KeepAlive interval (in milliseconds) the server allows. | 5000 |
MinSubscriptionLifetime | The miniimum Subscription lifetime (in milliseconds) the server allows; 0 is no limitation. | 10000 |
MaxSubscriptionLifetime | The maximum Subscription lifetime (in milliseconds) the server allows. | 0 (no limitation) |
MaxRetransmissionQueueSize | The maximum number of messages per Subscription in the republish queue the server allows. | 10 |
MaxNotificationsPerPublish | The maximum number of notifications per Publish the server allows. | 0 (no limitation) |
MaxDataQueueSize | The maximum size of data monitored item queues. | 100 |
MaxEventQueueSize | The maximum size of event monitored item queues. | 1000 |
MaxSubscriptionCount | The maximum number of subscriptions the server allows to create. | 0 (unlimited) |
MaxSubscriptionsPerSession | The maximum number of subscriptions the server allows to create per Session. | 0 (unlimited) |
MaxMonitoredItemCount | The maximum number of monitored items the server allows to create. | 0 (unlimited) |
MaxMonitoredItemPerSubscriptionCount | The maximum number of monitored items per subscription the server allows to create. | 0 (unlimited) |
MaxMonitoredItemPerSessionCount | The maximum number of monitored items per session the server allows to create. | 0 (unlimited) |
MinSupportedSampleRate | The minimum sample interval (in milliseconds) supported by the server. | 0 |
AvailableSamplingRates | The settings for the sampling engine; each sampling rate (in milliseconds) has to be stored in a separate child element, e.g. <SamplingRate>50</SamplingRate> . | 50, 100, 250, 500, 1000, 2000, 5000, 10000 |
AvailableLocaleIds | The settings for the available LocaleIds known to be supported by the server; each LocaleId has to be stored in a separate child element, e.g. <LocaleId>en</LocaleId> . | en |
AvailableServerProfiles | The settings for the available UA profiles known to be supported by the server; each profile has to be stored in a separate child element. | http://opcfoundation.org/UAProfile/Server/StandardUA |
IsAuditActivated | Flag indicating if audit events are activated; possible values: true or false . | false |
ThreadPoolSettings | The settings for the thread pools used in the server application. A thread pool is a list of worker threads. The minimum size denotes the size of the tread pool at initialization. It grows dynamically until the maximum size is reached. The following child elements can be set:
| 4 (for each) |
RejectedCertificatesDirectory | Folder used to store rejected client certificates; e.g. [ApplicationPath]/pki/rejected . Administrators can copy files from this folder to the trust list. [Application Path] can be used as a placeholder for the path to the server application. | — |
RejectedCertificatesCount | Maximum number of certificates stored in the rejected certificates directory. | 100 |
Element | Description | Default |
---|---|---|
ProductUri | A globally unique identifier for the server product; e.g. urn:UnifiedAutomation:UaServerCpp . | Set by define SERVERCONFIG_PRODUCTURI |
ManufacturerName | A human readable name for manufacturer of the product. | Set by define SERVERCONFIG_MANUFACTURERNAME |
ProductName | A human readable name for the server product. | Set by define SERVERCONFIG_PRODUCTNAME |
SoftwareVersion | A string representing the version of the server product. | Set by define SERVERCONFIG_SOFTWAREVERSION |
BuildNumber | A string representing the build number of the server product. | Set by define SERVERCONFIG_BUILDNUMBER |
These elements provide server instance information defined for the server installation. [NodeName] can be used as a placeholder for the computer name.
Element | Description | Default |
---|---|---|
ServerUri | A globally unique identifier for the server installation; e.g. urn:[NodeName]:UnifiedAutomation:UaServerCpp . | Set by define SERVERCONFIG_SERVERURI |
ServerName | A human readable name for the server installation; e.g. UaServerCpp@[NodeName] . | Set by define SERVERCONFIG_SERVERNAME |
The configuration of supported user identity tokens is stored in the element <UserIdentityTokens>
. It contains the following child elements:
Element | Description | Default |
---|---|---|
EnableAnonymous | Enable or disable anonymous log-on; possible values are true or false . | true |
EnableUserPw | Enable or disable user/password log-on; possible values are true or false . | false |
EnableCertificate | Enable or disable certificate based user log-on; possible values are true or false . | false |
EnableKerberosTicket | Enable or disable log-on with kerberos ticket; possible values are true or false . | false |
The configuration for the registration with discovery server(s) is stored in the element <DiscoveryRegistration>
. It contains the following child elements:
Element | Description | Default |
---|---|---|
AutomaticCertificateExchange | Flag indicating if the certificates should be exchanged with the windows certificate store | false |
DiscoveryServerTrustListLocation | Path of the local discovery server trust list. This is where the server copies its certificate to if the file based store of the new LDS is used. | — |
DiscoveryServerStoreName | Store name used for the local discovery server in the windows certificate store. | — |
DiscoveryServerCertificateName | Certificate name of the local discovery server in the windows certificate store. | — |
RegistrationInterval | Interval (in milliseconds) for registration with discovery server(s) | 30000 |
Url | List of discovery servers to register with, typically opc.tcp://localhost:4840 (local discovery server); if the list is empty, no registration is executed. Additional remote discovery servers can be added. | — |
This element provides the redundancy settings for the server.
Element | Description | Default |
---|---|---|
RedundancySupport | Possible redundancy support options are None , Cold , Warm , Hot and Transparent (Transparent requires a special module). | None |
ServerUri | The list of server URIs for the servers in the NonTransparent redundant set. Add a separate child element ServerUri for each server. The server itself has to be included in the list (see sample code). | — |
This is required for the redundancy configuration to provide the discovery URLs for the configured ServerUris of the redundant servers in a non-transparent redundancy set. It is possible to define a list of application descriptions as child elements of <AdditionalServerEntries>
as shown in the code sample. [NodeName] can be used as a placeholder for the computer name. The own server must be excluded from the list.
This can also be used to configure other servers on the same system if the server itself is running on Port 4840.
Element | Description |
---|---|
ApplicationUri | A globally unique identifier for the server product. |
ProductUri | A globally unique identifier for the product the server belongs to. |
ApplicationName | A human readable name for the server product. |
ApplicationType | Possible application types are Server and ClientAndServer . |
GatewayServerUri | A URI that indentifies the Gateway Server associated with the DiscoveryUrl. |
DiscoveryProfileUri | A URI that identifies the discovery profile supported by the URL. |
DiscoveryUrl | URL for the discovery Endpoint provided by the server. |
This part of the configuration defines the OPC UA Stack serializer settings and are stored in the element <Serializer>
. Set these values carefully, as they are the security constraints for the serializer. The following child elements can be set:
Element | Description | Default |
---|---|---|
MaxAlloc | The largest size for a memory block the serializer can do when deserializing a message. | Set by define OPCUA_SERIALIZER_MAXALLOC |
MaxStringLength | The largest string accepted by the serializer. | Set by define OPCUA_ENCODER_MAXSTRINGLENGTH |
MaxByteStringLength | The largest byte string accepted by the serializer. | Set by define OPCUA_ENCODER_MAXBYTESTRINGLENGTH |
MaxArrayLength | Maximum number of elements in an array accepted by the serializer. | Set by define OPCUA_ENCODER_MAXARRAYLENGTH |
MaxMessageSize | The maximum number of bytes per message in total. | Set by define OPCUA_ENCODER_MAXMESSAGELENGTH |
The element <StackThreadPoolSettings>
stores the settings for the thread pool used in the OPC UA Stack. It contains the following child elements:
Element | Description | Default |
---|---|---|
Enabled | Controls whether the secure listener uses a thread pool to dispatch received requests. | false |
MinThreads | The minimum number of threads in the thread pool. | 5 |
MaxThreads | The maximum number of threads in the thread pool. | 5 |
MaxJobs | The length of the queue with jobs waiting for a free thread. | 20 |
BlockOnAdd | If MaxJobs is reached, the add operation can block or return an error. | true |
Timeout | If the add operation blocks on a full job queue, this value sets the maximum waiting time (in milliseconds). 0 is infinite. | infinite |
An INI based example configuration file can be found in [Installation Directory]/bin
.
Parameter | Description | Default |
---|---|---|
ProductUri | A globally unique identifier for the server product | Set by define SERVERCONFIG_PRODUCTURI |
ManufacturerName | A human readable name for manufacturer of the product. | Set by define SERVERCONFIG_MANUFACTURERNAME |
ProductName | A human readable name for the server product. | Set by define SERVERCONFIG_PRODUCTNAME |
SoftwareVersion | A string representing the version of the server product. | Set by define SERVERCONFIG_SOFTWAREVERSION |
BuildNumber | A string representing the build number of the server product. | Set by define SERVERCONFIG_BUILDNUMBER |
These parameters provide server instance information defined for the server installation. [NodeName] can be used as a placeholder for the computer name.
Parameter | Description | Default |
---|---|---|
ServerUri | A globally unique identifier for the server installation. | Set by define SERVERCONFIG_SERVERURI |
ServerName | A human readable name for the server installation. | Set by define SERVERCONFIG_SERVERNAME |
Here, the trace settings for the OPC UA Stack and OPC UA Application are stored. The following parameters can be set:
Property | Description | Default |
---|---|---|
UaAppTraceFile | The trace file; [Application Path] can be used as a placeholder for the path to the server application. | Set by define SERVERCONFIG_SERVERTRACEFILE |
UaStackTraceEnabled | Enable or disable the UA stack trace; possible values are true or false. | false |
UaStackTraceLevel | The UA stack trace level; possible values are
| NONE |
UaAppTraceEnabled | Enable or disable the UA server application trace; possible values are true or false | false |
UaAppTraceLevel | The UA server application trace level; possible values are
| NoTrace |
UaAppTraceMaxBackup | The maximum number of backup files | 5 |
UaAppTraceMaxEntries | The maximum number of trace entries in one file | 100000 |
TraceEvents | Setting to allow clients to get the SDK trace outputs for trace levels Errors , Warning and Info via HistoryRead for events and/or Events from the server. Possible values are:
| History |
Parameter | Description | Default |
---|---|---|
MaxRequestAge | The maximum age of a request (in milliseconds) the server allows. | 0 (unlimited) |
MaxSessionCount | The maximum number of sessions allowed by the server; 0 is unlimited. | 100 |
MaxSessionsPerClient | The maximum number of sessions the server allows per client; 0 is unlimited. | 0 |
MinSessionTimeout | The minimum timeout for a session (in milliseconds) the server allows to set; 0 is unlimited. | 10000 |
MaxSessionTimeout | The maximum timeout for a session (in milliseconds) the server allows to set; 0 is unlimited. | 3600000 |
MaxBrowseContinuationPoints | The maximum number of Browse Continuation Points managed by a session. | 0 (using internal default settings) |
MaxBrowseResults | The maximum number of Browse results for one browse operation. | 0 (using internal default settings) |
MaxNodesToBrowse | The maximum number of nodes to browsethe server will accept. | 0 (unlimited) |
MaxHistoryContinuationPoints | The maximum number of History Continuation Points managed by a session. | 0 (using internal default settings) |
MinPublishingInterval | The minimum publishing interval (in milliseconds) the server allows. | 50 |
MaxPublishingInterval | The maximum publishing interval (in milliseconds) the server allows. | 0 (no limitation) |
MinKeepAliveInterval | The minimum KeepAlive interval (in milliseconds) the server allows. | 5000 |
MinSubscriptionLifetime | The minimum Subscription lifetime (in milliseconds) the server allows; 0 is no limitation. | 10000 |
MaxSubscriptionLifetime | The maximum Subscription lifetime (in milliseconds) the server allows. | 0 (no limitation) |
MaxRetransmissionQueueSize | The maximum number of messages per Subscription in the republish queue the server allows. | 10 |
MaxNotificationsPerPublish | The maximum number of notifications per Publish the server allows. | 0 (no limitation) |
MaxDataQueueSize | The maximum size of data monitored item queues. | 100 |
MaxEventQueueSize | The maximum size of event monitored item queues. | 1000 |
MaxSubscriptionCount | The maximum number of subscriptions the server allows to create. | 0 (unlimited) |
MaxSubscriptionsPerSession | The maximum number of subscriptions the server allows to create per Session. | 0 (unlimited) |
MaxMonitoredItemCount | The maximum number of monitored items the server allows to create. | 0 (unlimited) |
MaxMonitoredItemPerSubscriptionCount | The maximum number of monitored items per subscription the server allows to create. | 0 (unlimited) |
MaxMonitoredItemPerSessionCount | The maximum number of monitored items per session the server allows to create. | 0 (unlimited) |
MinSupportedSampleRate | The minimum sample interval supported by the server. | 0 |
AvailableSamplingRates | The settings for the sampling engine; add a line AvailableSamplingRates/SamplingRate_[n]=[sampling rate in milliseconds] for each sampling rate (see sample code). | 50, 100, 250, 500, 1000, 2000, 5000, 10000 |
AvailableLocaleIds | The settings for the available LocaleIds known to be supported by the server; add a line AvailableLocaleIds/LocaleId_[n]=[Locale ID] for each Locale ID (see sample code). | en |
AvailableServerProfiles | The settings for the available UA profiles known to be supported by the server; add a line AvailableServerProfiles/ServerProfileUri_[n]=[Server Profile URI] for each Server Profile URI (see sample code). | http://opcfoundation.org/UAProfile/Server/StandardUA |
IsAuditActivated | Flag indicating if audit events are activated; possible values: true or false . | false |
ThreadPoolSettings | The settings for the thread pools used in the server application; the following parameters can be set (each in a separate line ThreadPoolSettings/[parameter]=[value] ): MaxSizeTransactionManager , MinSizeTransactionManager , MaxSizeSubscriptionManager , MinSizeSubscriptionManager (see sample code). | 4 (for each) |
RejectedCertificatesDirectory | Folder used to store rejected client certificates; e.g. [ApplicationPath]/pki/rejected . Administrators can copy files from this folder to the trust list. [Application Path] can be used as a placeholder for the path to the server application. | — |
RejectedCertificatesCount | Maximum number of certificates stored in the rejected certificates directory. | 100 |
The configuration of supported user identity tokens is stored in the parameter set UserIdentityTokens
containing the following parameters:
Parameter | Description | Default |
---|---|---|
EnableAnonymous | Enable or disable anonymous log-on; possible values are true or false | true |
EnableUserPw | Enable or disable user/password log-on; possible values are true or false | false |
EnableCertificate | Enable or disable certificate based user log-on; possible values are true or false . | false |
EnableKerberosTicket | Enable or disable log-on with kerberos ticket; possible values are true or false . | false |
This part of the configuration defines the OPC UA Stack serializer settings. Set these values carefully, as they are the security constraints for the serializer. The following parameters can be set:
Parameter | Description | Default |
---|---|---|
MaxAlloc | The largest size for a memory block the serializer can do when deserializing a message. | Set by define OPCUA_SERIALIZER_MAXALLOC |
MaxStringLength | The largest string accepted by the serializer. | Set by define OPCUA_ENCODER_MAXSTRINGLENGTH |
MaxByteStringLength | The largest byte string accepted by the serializer. | Set by define OPCUA_ENCODER_MAXBYTESTRINGLENGTH |
MaxArrayLength | Maximum number of elements in an array accepted by the serializer. | Set by define OPCUA_ENCODER_MAXARRAYLENGTH |
MaxMessageSize | The maximum number of bytes per message in total. | Set by define OPCUA_ENCODER_MAXMESSAGELENGTH |
The parameter set StackThreadPoolSettings
stores the settings for the thread pool used in the OPC UA Stack. The following parameters can be set:
Parameter | Description | Default |
---|---|---|
Enabled | Controls whether the secure listener uses a thread pool to dispatch received requests. | false |
MaxJobs | The length of the queue with jobs waiting for a free thread. | 20 |
Timeout | If the add operation blocks on a full job queue, this value sets the maximum waiting time (in milliseconds). 0 is infinite. | infinite |
BlockOnAdd | If MaxJobs is reached, the add operation can block or return an error. | true |
MaxThreads | The maximum number of threads in the thread pool. | 5 |
MinThreads | The minimum number of threads in the thread pool. | 5 |
The configuration for the registration with discovery server(s) is stored in the parameter set DiscoveryRegistration
containing the following parameters:
Parameter | Description | Default |
---|---|---|
AutomaticCertificateExchange | Flag indicating if the certificates should be exchanged with the windows certificate store | false |
DiscoveryServerTrustListLocation | Path of the local discovery server trust list. This is where the server copies its certificate to if the file based store of the new LDS is used. | — |
DiscoveryServerStoreName | Store name used for the local discovery server in the windows certificate store. | — |
DiscoveryServerCertificateName | Certificate name of the local discovery server in the windows certificate store. | — |
RegistrationInterval | Interval (in milliseconds) for registration with discovery server(s) | 30000 |
Url | List of discovery servers to register with, typically opc.tcp://localhost:4840 (local discovery server); if the list is empty, no registration is executed. To add additional remote discovery servers, add each in a separate line, consecutively numbered (DiscoveryRegistration/Url_[n]=[Server Url] ). | — |
This parameter set provides the redundancy settings for the server.
Element | Description | Default |
---|---|---|
RedundancySupport | Possible redundancy support options are None , Cold , Warm , Hot and Transparent (Transparent requires a special module). | None |
ServerUri | The list of server URIs for the servers in the NonTransparent redundant set. Add a separate line in the form RedundancySettings/ServerUri_ [n]=[ServerUri] for each server. The server itself has to be included in the list (see sample code). | — |
This is required for the redundancy configuration to provide the discovery URLs for the configured ServerUris of the redundant servers in a non-transparent redundancy set. It is possible to define a list of application descriptions numbered consecutively as shown in the code sample. [NodeName] can be used as a placeholder for the computer name. The own server must be excluded from the list.
This can also be used to configure other servers on the same system if the server itself is running on Port 4840.
Element | Description |
---|---|
ApplicationUri | A globally unique identifier for the server product. |
ProductUri | A globally unique identifier for the product the server belongs to. |
ApplicationName | A human readable name for the server product. |
ApplicationType | Possible application types are Server and ClientAndServer . |
GatewayServerUri | A URI that identifies the Gateway Server associated with the DiscoveryUrl. |
DiscoveryProfileUri | A URI that identifies the discovery profile supported by the URL. |
DiscoveryUrl | URL for the discovery Endpoint provided by the server. |
The following code gives an example for a parameter set resulting in a completely configured endpoint. Use consecutively numbered parameter sets UaEndpoint_[n]
for additional Endpoints.
The following table gives an overview of the configurable parameters for each Endpoint.
Parameter | Description | Default | ||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Url | URL of the Endpoint; this URL is used for Discovery and to open the Endpoints in the UA stack if no StackUrl is configured. [NodeName] can be used as placeholder for the computer name. | — | ||||||||||||||||||||||||
SerializerType | The data type encoding for network transport; currently, only Binary is supported | — | ||||||||||||||||||||||||
AutomaticallyTrustAllClientCertificates | This option can be activated if certificates are only used for message security but not for application authentication. If set to true , all client certificates will be accepted automatically and will not be stored. It is strongly recommended to use this option only together with user authentication. | false | ||||||||||||||||||||||||
StackUrl | Optional URL that allows to define a specific address the stack should use to bind to, e.g. opc.tcp://192 .168.0.15:48011. It can be used to bind the endpoint to a specific network card or to localhost only. | — | ||||||||||||||||||||||||
IsVisible | Flag indicating if the endpoint is provided in GetEndpoints and is therefore visible to a client. | true | ||||||||||||||||||||||||
IsDiscoveryUrl | Flag indicating if the endpoint URL is provided as discovery URL. | true | ||||||||||||||||||||||||
SecuritySetting | Each supported security setting has to be stored in a separate parameter set UaEndpoint_[m]/SecuritySetting_[n]/[parameter]=[value] , numbered consecutively (see sample code). The following parameters can be specified:
| — | ||||||||||||||||||||||||
SecurityCheckOverwrites | Some of the OPC UA security checks are optional in OPC UA or cause interoperability issues with older OPC UA clients and can be disabled by an administrator of the OPC UA server using the following configuration options. Add a separate line UaEndpoint_[m]/SecurityCheckOverwrites/[parameter]=[value] for each parameter (see sample code).
| |||||||||||||||||||||||||
CertificateStore | Certificate store used for PKI certificate handling; different Endpoints can have different stores and different server certificates. See the separate table for related parameters. |
Parameter | Description | Default | |||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
OpenSSLStore | File based certificate store used with OpenSSL; [ApplicationPath] can be used as placeholder for the application path. The following parameters have to be set:
| — | |||||||||||||||||||||||||||
WindowsStore | [ApplicationPath] can be used as placeholder for the application path. The following parameters have to be set:
| — | |||||||||||||||||||||||||||
GenerateCertificate | Enable or disable server certificate creation if no certificate is available; possible values: true or false . | false | |||||||||||||||||||||||||||
CertificateSettings | Settings for a certificate generated by the server; the information is stored in the following parameters:
|