UaExpert  1.6.2 438

This page describes discovery and connection options of UaExpert. A simple example can be found here: Step-by-Step Connect Example.

OPC UA Discovery

To connect to a server, a client needs information like network address, protocol, and security settings. For this purpose, OPC UA defines a set of discovery features.

All information which is required to establish a connection between client and server is stored in a so-called endpoint. A server can provide several endpoints, each containing

  • Endpoint URL (protocol and network address)
  • Security Policy (name for a set of security algorithms and key length)
  • Message Security Mode (security level for exchanged messages)
  • User Token Type (types of user authentication supported by the server)

If several OPC UA servers exist, a Discovery Server can be used to provide information of available servers. Servers can register at the Discovery Server. Clients may then request a list of all available servers from the discovery server. The discovery server provides a DiscoveryUrl together with some basic information like the server name.

The DiscoveryUrl is then used to connect to the server and to request the endpoint information using the GetEndpoints service.


OPC UA defines three different discovery options:

  • Local Discovery
  • Multicast Subnet Discovery
  • Global Discovery

The standard OPC UA port is 4840. For local discovery, the client can construct a connection URL with the host name (e.g. opc.tcp://localhost:4840 or opc.tcp://targetHost:4840). This URL is then used to connect to the local discovery server on the host and to call FindServers. If there is only one server on a host, this server will used the standard port and will respond to FindServers with his own information. If several servers are available on a host, a Local Discovery Server (LDS) is used to provide the list of servers as response to FindServers.

The OPC UA Global Discovery Server (GDS) concept allows the configuration of a network wide discovery of OPC UA servers that is not limited to a subnet like mDNS. In addition, it provides functionality for central certificate management including the distribution of CA signed certificates and related Certificate Revocation Lists (CRL) (see also UaExpert GDS registration). A GDS is a complete OPC UA Server and therefore provides the only secure discovery option.

Discovery Dialog (Add Server)

UaExpert provides different type of discovery functionality in the Add Server dialog:

Discovery using the standard port 4840 on the local host. Returns a list of local server or servers known to the Local Discovery Server (LDS).
Global Discovery Server
Allows the configuration of one or more Global Discovery Servers (GDS). The list of servers registered with the GDS is requested using QueryServers.
Reverse Discovery
Servers that use reverse connect can be discovered by entering an URL that is used by UaExpert to receive reverse connections from OPC UA servers.
Custom Discovery
Allows the configuration of a list of DiscoveryUrls for known servers to get the available endpoints of the servers.
Recently Used
List of endpoints and connection settings used recently to connect to servers.

For the selected endpoint the following additional settings are available:

  • Configuration name for the connection used in the project view and recently used
  • PKI store and identity used for the connection (see also Certificate Manager and Certificate Manager with GDS)
  • User authentication
  • Connect automatically
Discovery in Add Server Dialog

Connect with User Authentication

UaExpert supports user authentication via Username/Password and Certificate. These authentication settings can either be selected in the Add Server dialog (see screenshot in the Step-by-Step Connect Example), or it can be chosen later in the Project Window.

Right-click on the Server entry and choose Properties… (if you’re currently not connected to the server) or Change User… (to change the user during an active connection) from the context menu. A dialog for changing authentication settings will open (see screenshot).

Authentication Settings

Select the radio button next to Username/Password. The users known to Unified Automation’s ANSI C Demo Server are listed in the ANSI C SDK Documentation

Nodes with user based access rights can be found in the folder Objects* → Demo005_AccessRights in the server’s address space.

Advanced Options for New Projects

Instead of using the discovery window as described in Step-by-Step Connect Example, the Advanced tab offers to enter connection information directly. If all relevant connection parameters are known, this dialog window can be used to enter the information and skip the discovery process (see screenshot). Furthermore, it is possible to specify a custom name for the session.

Advanced Options for Adding a New Server