This plugin is based on the S2OPC open source library.
OPC UA server protocol stack configuration
Attributes definition
Attribute | Description | Expected values | Mandatory |
---|---|---|---|
url | The server URL endpoint | “opc.tcp://:[/sub/path]” e.g. “opc.tcp://localhost:4841” | YES |
appUri | The application URI | e.g. “urn:S2OPC:localhost” | YES |
productUri | The product URI | e.g. “urn:S2OPC:localhost” | YES |
appDescription | Application description | Any non-empty string. | YES |
localeId | The default language Id. | e.g. "en-US", "fr-FR", ... | YES |
namespaces | List of namespaces URI, starting at namespace 1. Thus, the array should contain only one name. (Array is kept for portability) | e.g. for 2 users namespaces (ns=1, ns=2): [ "urn:S2OPC:localhost", "urn:S2OPC:localhost_2" ] | YES |
policies | Array of accepted policies If no security is required: | YES | |
policies.securityMode | The security mode | A string among “None”, “Sign” and “SignAndEncrypt” (case insensitive) | YES |
policies.securityPolicy | The security policy | A string among “None”, “Basic256”, “Basic256Sha256”, “Aes128Sha256RsaOaep” and “Aes256Sha256RsaPss” | YES |
policies.userPolicies | The user policy If no security is required, "Anonymous" should be used | A string among “Anonymous”, “username”, “username_None”, “username_Basic256” | YES |
users | A map of 'user':'password'. If no user-authentication is required, it can be an empty object | e.g: {"user" : "password", "user2" : "xGt4sdE3Z+" } e.g: {} | YES |
certificates | Note: all certificate files are expected to be provided in the $(FLEDGE_INSTALL)/data/etc/certs/s2opc_srv folder | NO | |
certificates.serverCertPath | The Server certificate filename (DER format) | e.g. "server_2k_cert.der" | NO |
certificates.serverKeyPath | The Server key filename (PEM format) | e.g. "server_2k_key.pem" | NO |
certificates.trusted_root | The list of trusted root certificates (DER) | e.g. [ "cacert.der" ] | NO |
certificates.trusted_intermediate | The list of trusted intermediate certificates (DER) | Same as “trusted_root” | NO |
certificates.revoked | The list of revoked certificates (DER) | Same as “trusted_root” | NO |
certificates.untrusted_root | The list of untrusted root certificates (DER) | Same as “trusted_root” | NO |
certificates.untrusted_intermediate | The list of untrusted intermediate certificates (DER) | Same as “trusted_root” | NO |
certificates.issued | The list of untrusted issued certificates (DER) | Same as “trusted_root” | NO |
Configuration JSON structure
{ "transport_layer":{ "url":"opc.tcp://localhost:4841/OPCUA/s2opc", "appUri":"urn:S2OPC:localhost", "productUri":"urn:S2OPC:localhost", "appDescription":"Application description", "localeId":"en-US", "namespaces":[ "urn:S2OPC:localhost" ], "policies":[ { "securityMode":"None", "securityPolicy":"None", "userPolicies":[ "anonymous" ] }, { "securityMode":"SignAndEncrypt", "securityPolicy":"Basic256Sha256", "userPolicies":[ "username_Basic256Sha256", "username_None" ] } ], "users":{ "user":"password", "user2":"xGt4sdE3Z+" }, "certificates":{ "serverCertPath":"server_2k_cert.der", "serverKeyPath":"server_2k_key.pem", "trusted_root":[ "cacert.der" ], "trusted_intermediate":[], "revoked":["cacrl.der"], "untrusted_root":[], "untrusted_intermediate":[], "issued":[] } } }