UaExpert  1.6.2 438


The following screenshot shows the window layout of UaExpert when first started. The window titles link to a more detailed description.

Document Window
Can display different view modes. By default, the Data Access View is selected.
Project Window
Can be used to manage multiple server connections.
Address Space Window
Shows the address space of the server which is currently selected in the Project Window.
Attributes Window
Shows the attributes of the node which is currently selected in the Address Space Window.
References Window
shows the references of the node which is currently selected in the Address Space Window.
Log Window
Displays status and error messages.
Default window layout of UaExpert

You can rearrange and resize these windows to your liking and close the windows which you don’t need at the moment. To open a previously closed window, right-click on the toolbar and select the window from the context menu.

Menu Bar

The menu bar contains the following entries:

Create/open and save projects, quit UaExpert.
Show/hide windows or toolbars
Add/remove servers, change connection status and properties, change user
Add a new view/remove a view from the Document Window
Display a list of installed plugins, change the configuration, manage certificates
View various help sources, check license status, check for updates, view “About UaExpert” dialog

Document Window

The document window can display different view modes. By default, the Data Access View is selected.

UaExpert ships with several plugins. To open a different view in the document window, choose DocumentAdd… from the menu and choose the document type from the drop-down list. See plugins for the documentation of the different options.

All currently open views are shown in the Project Window under Documents and can be saved in a project file.

It’s also possible to open more than one view of the same type at the same time (e.g. multiple Data Access Views.

Project Window

The project window displays all server connections and views (see screenshot).

Project Window


All server connections are listed under Servers. The plug icon in front of each entry indicates whether UaExpert is connected to the server or not or whether an error occurred (the type of error is shown in the Log Window).

From the context menu you can

  • add/remove servers
  • connect to/disconnect from a server
  • edit connection properties
  • change authentication settings
  • add/remove views

All open views are listed under documents. Double-click on a previously closed view to open it in the document window. Choose Remove from the context menu to remove an entry from the list.

Address Space Window

The address space window shows the address space of the server which is currently selected in the Project Window.

Address Space Window

This window can be used to browse the server’s address space. When clicking on the triangle in front of a node, all child elements are shown.

The symbols in front of each node indicate the node class (e.g. Object, Variable, Method …).

It is possible to drag items from here to the document window, e.g. dragging a Variable node to the Data Access View creates a subscription containing a monitored item.

Click on the orange arrow symbol at in front of the drop-down menu to rebrowse.

The drop-down menu at the top of the Address Space Window can be used to highlight the content of a certain namespace: When clicking on the drop-down menu, all namespaces in the server’s namespace table are shown. When a namespace is selected, all nodes belonging this namespace are displayed in a bold font.

Attributes Window

The attributes window shows the attributes of the node which is currently selected in the Address Space Window.

Attributes Window

This window contains three buttons:

Refresh (orange arrows)
Re-reads the attributes of the selected node
On/Off (green check mark/red cross)
Enable/disable reading of attributes when selecting another node in the Address Space Window.
Expand all (tree symbol)
Expands the view for all attributes in this window

References Window

The references window shows the references of the node which is currently selected in the Address Space Window.

References Window

There are four buttons and a drop-down menu:

Refresh (orange arrows)
Refresh the list of references for the selected node
On/Off (green check mark/red cross)
Enable/Disable refreshing of the list of references when selecting another node
Show hierarchical references
Enable/Disable the listing of hierarchical references
Show non-hierarchical references
Enable/Disable the listing of non-hierarchical references
Drop-down menu
Select whether forward references, inverse or both should be listed

Log Window

The log window is used to display status and error messages.

Log Window

The red cross button can be used to clear the log window. Click on the floppy disc symbol to save the current log to a text file.

Configure UaExpert

Choose Settings → Configure UaExpert... from the Menu Bar to change various settings of UaExpert.

All available settings are displayed in a list. You can use the Filter field to restrict the list to settings containig the typed string. Click at a table cell to change the current value. Clicking on the red arrow resets the parameter to the default value (see screenshot).


Certificate Manager

To identify itself to communication partners, each installed OPC UA application or devices needs an Application Instance Certificate and an associated public/private key pair. A communication partner can use the public key to verify the trust relation, check the signature of messages, and encrypt messages. The Application Instance Certificate, including the public and private key, can either be generated by the application (see Initial Start-Up of UaExpert) or provided by a certificate management service like the OPC UA Global Discovery Server (GDS) (see Certificate Manager with GDS).

During Initial Start-Up of UaExpert a so called self-signed certificate is created. This is used as default identity in the Default Certificate Store.

The Certificate Manager is a handy tool to manage certificates known to UaExpert. Choose Settings → Manage Certificates... from the menu, and a new dialog window will open that shows the Default Certificate Store.


The dialog displays a list of the certificates an certificate revocation lists in UaExpert’s certificate store. There are separate tabs for issuers and TLS issuers.

Different icons indicate the certificates’ statuses:

Check Mark
The certificate is trusted.
Red Cross
The certificate is rejected.
Check Mark With Error Symbol
The certificate is expired or not yet valid.
UaExpert Icon
This certificate is UaExpert’s own application instance certificate.

A right-click on a certificate displays a context menu providing various actions, depending on the status of the certificate (see screenshot): You may trust untrusted certificates, reject already trusted certificates, delete a certificate, or open the certificate in your operating system’s default certificate manager.

When clicking on the orange arrow symbol in the bottom left corner (see screenshot), the contents of the certificate store are reread.

Furthermore, it is possible to create a new application instance certificate (see Initial Start-Up of UaExpert). When clicking on the button Open Certificate Location, the folder containing trusted certificates is opened in your operating system’s file manager.

Certificate Manager with GDS

Certificates issued by the OPC UA application are called self-signed certificates. They are typically generated during installation of the application or at first start. To establish a trust relation between an OPC UA client and server, the self-signed certificates of the communication partner are installed to the trust list. The client certificate is installed to the trust list of the server and the server certificate to the trust list of the client. If the certificate of an application is removed from the trust list, a communication establishment is no longer possible.

Certificates signed by Certificate Authorities (CA) enable central trust management for a group of OPC UA applications or devices. In this case, just the CA certificate must be installed to the trust list of the OPC UA applications. After the CA certificate is installed, all other applications with certificates signed by the CA are able to communicate with each other. To be able to exclude previously trusted applications from the communication, the CA maintains a Certificate Revocation List (CRL). Each installed CA certificate must have an associated, up-to-date CRL installed. This CRL is required for a verification of the trust relation. The OPC UA Global Discovery Server (GDS) definition provides a mechanism for central management of CA signed certificates and update of the corresponding CRLs. CA certificates can build a chain, e.g. a root CA for a company, a CA for a site where the site CA is signed by the root CA and a CA for a production line in the site. An OPC UA application in the production line would only trust the CA for the production line. The other CA certificates are only used to verify the chain.

The Certificate Manager allows adding a second application identity that is signed by a CA managed by a GDS. The management includes updates of trust list and CRLs.

To enable GDS management, open the settings Settings → Configure UaExpert... and change the setting General.MaxGdsServers to the number of GDS servers you want to use.

After restart of UaExpert the GDS management tab is added (open Settings → Manage Certificates...)


On the tab 'GDS Server 1', it is possible to register UaExpert with a GDS using the button 'Register at GDS'. The GDS endpoint can be selected in the discovery dialog. After the selection of the GDs, UaExpert registers with the GDS and requests a signed certificate.

The status of the registration is shown the Information group.

The cycle time for updating the trust list from the GDS can be configured. This includes checks for necessary UaExpert certificate update.