There can be found a wide topics covering how to ENABLE forced certificates on OPC-UA, but there is nowhere to be found on how to disable it again. Once it has been enabled, I can not go back to plain text communication or just authentication with username and password.
I know the following setting for the cfg file: [CmpOPCUAServer]
SECURITY.CommunicationMode=SIGNED_AND_ENCRYPTED
from some V3.5.16.10 documentation found online, I know there is the following setttings in the OPCUA server, but what is the correct syntax to configure them as the one above here?
Hey folks. Does anyone know what is the parameter to change the OPCUA port from 4840 (default) to 4843 (SSL)? Webserver uses the WebServerSecurePortNr=PORT_NUMBER, so maybe OPCUA uses something similar? Hmm... I have a feeling @eschwellinger or @i-campbell can quickly answer this. Thanks!
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
There can be found a wide topics covering how to ENABLE forced certificates on OPC-UA, but there is nowhere to be found on how to disable it again. Once it has been enabled, I can not go back to plain text communication or just authentication with username and password.
I know the following setting for the cfg file:
[CmpOPCUAServer]
SECURITY.CommunicationMode=SIGNED_AND_ENCRYPTED
from some V3.5.16.10 documentation found online, I know there is the following setttings in the OPCUA server, but what is the correct syntax to configure them as the one above here?
Enumeration Type Documentation
enum CmpOPCUAServer_SecurityPolicy
Enumerator:
CmpOPCUAServer_SecurityPolicy_Basic128Rsa15
CmpOPCUAServer_SecurityPolicy_Basic256
CmpOPCUAServer_SecurityPolicy_Basic256Sha256
enum CmpOPCUAServer_CommunicationMode
Enumerator:
CmpOPCUAServer_CommMode_OnlyPlaintext
CmpOPCUAServer_CommMode_PlainAndSecure
CmpOPCUAServer_CommMode_MinSigned
CmpOPCUAServer_CommMode_SignedAndEncrypted
enum CmpOPCUAServer_Activation
Enumerator:
CmpOPCUAServer_Deactivated
CmpOPCUAServer_Activated
enum CmpOPCUAServer_UserAuthentication
Enumerator:
CmpOPCUAServer_UserAuthentication_Disabled
CmpOPCUAServer_UserAuthentication_Enabled
CmpOPCUAServer_UserAuthentication_Enforced
enum CmpOPCUAServer_AllowUserPasswordOnPlaintext
Enumerator:
CmpOPCUAServer_AllowUserPasswordOnPlaintext_Yes
CmpOPCUAServer_AllowUserPasswordOnPlaintext_No
Is it just the enum alias and then the settings? Is there a manual for this stuff anywhere?
Last edit: MadsKaizer 2021-02-24
Error messages from UaExpert on connection with anonymous or a chosen username with access rights to OPCUAserver
Error message fra Prosys POC UA browser on anonymous and username
Hey folks. Does anyone know what is the parameter to change the OPCUA port from 4840 (default) to 4843 (SSL)? Webserver uses the
WebServerSecurePortNr=PORT_NUMBER
, so maybe OPCUA uses something similar? Hmm... I have a feeling @eschwellinger or @i-campbell can quickly answer this. Thanks!Found the answer, use parameter
NetworkPort=4843
. More details can be found in: https://faq.codesys.com/display/CDSFAQ/OPC+UA+Server