garmenmikel - 2018-11-14

Hello,

I would like to create a secure communication in OPC-UA between the server (Codesys) and the client (UaExpert). The OPC-UA server has been created in a Raspberry Pi after following the steps of the page https://help.codesys.com/webapp/_cds_ru ... n=3.5.13.0.

I created a certificate for the CODESYS OPC UA server, and then I configured an encrypted connection with the UaExpert client (Basic256Sha256 + Sign&Encrypt). Until here, everything has worked correctly.

But, I want the client, to be able to communicate with the server, have to use the certificate mandatorily.
In UaExpert, when I pulse Discovery and I add the direction of my OPC-UA server, it appears that I can access my OPC-UA server with three types of security:
None - None (uatcp-uasc-uabinary)
Basic256Sha256 - Sign (uatcp-uasc-uabinary)
Basic256Sha256 - Sign & Encrypt (uatcp-uasc-uabinary)

In the secure configuration Basic256Sha256 - Sign & Encrypt, I have to trust the client certificate in Codesys --> View --> Security Screen --> Devices. And I like it. But then, in UaExpert if I try to connect using None - None configuration, I can access to the server freely.

I would like to configure a secure configuration in the server, and when I Discovery the server in UaExpert, I want that I can only communicate using Basic256Sha256 - Sign & Encrypt. How can I do?

Thanks!

IMG: 5

IMG: 4

IMG: 3

IMG: 2

IMG: 1