
Siemens SIMATIC ET 200AL - Certificates with OPC UA

OPC UA communication
9.2 Security at OPC UA
Communication Function Manual, 12/2017, A5E03735815-AF
Secure channel
OPC UA uses the private and public key of client and server to establish a secure
connection, the secure channel. Once the secure connection has been established, the
client and server generate an internal key only known to them which they both use for
signing and encrypting messages. This symmetric process (a shared key) is much faster
than asymmetric processes (private and public key).
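
The shared-key step described above, as an added example (not from the Siemens manual): both sides derive the same signing and encryption keys from two exchanged nonces with the P_SHA256 function defined in the OPC UA specification (Part 6). It assumes security policy Basic256Sha256; the function names are illustrative, and AES encryption with the derived key is left out so the code needs only the standard library.

```python
import hashlib
import hmac

# Key lengths of security policy Basic256Sha256 (policy assumed for this example)
SIG_LEN, ENC_LEN, IV_LEN = 32, 32, 16


def p_sha256(secret, seed, length):
    """P_SHA256: the TLS 1.2 P_hash construction with HMAC-SHA256."""
    out, a = b"", seed  # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()  # A(i)
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]


def derive_keys(secret, seed):
    """Cut one PRF output into signing key, encryption key and IV."""
    block = p_sha256(secret, seed, SIG_LEN + ENC_LEN + IV_LEN)
    return {"signing": block[:SIG_LEN],
            "encrypting": block[SIG_LEN:SIG_LEN + ENC_LEN],
            "iv": block[SIG_LEN + ENC_LEN:]}


def channel_keys(client_nonce, server_nonce):
    """Both peers run this on the two exchanged nonces and get the same keys."""
    return {
        # protects client -> server messages: secret = server nonce
        "client": derive_keys(server_nonce, client_nonce),
        # protects server -> client messages: secret = client nonce
        "server": derive_keys(client_nonce, server_nonce),
    }


def sign(keys, message):
    """Symmetric message signature (HMAC-SHA256 with the derived signing key)."""
    return hmac.new(keys["signing"], message, hashlib.sha256).digest()


def verify(keys, message, signature):
    return hmac.compare_digest(sign(keys, message), signature)


if __name__ == "__main__":
    # Constructed nonces (real ones: 32 random bytes per side, sent while opening the channel)
    c_nonce, s_nonce = bytes(range(32)), bytes(range(32, 64))
    client_side, server_side = (channel_keys(c_nonce, s_nonce) for _ in range(2))
    sig = sign(client_side["client"], b"constructed request")
    print("server accepts:", verify(server_side["client"], b"constructed request", sig))
```

The nonces are only safe to use this way because they are exchanged under the protection of the asymmetric keys from the application certificates; after that, every message uses the derived symmetric keys.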
9.2.3 Certificates with OPC UA
Usage of X.509 certificates with OPC UA
OPC UA uses three types of X.509 certificates for establishing connections from client to
server:
OPC UA application certificates
Such X.509 certificates identify the software instance, the installation of client or server
software. For the "Organization name" attribute, you enter the name of the company that
uses the software.
Note
The OPC UA server of the S7-1500 uses application certificates even for the security
setting "None" (No security). This ensures compatibility with OPC UA V1.1 and earlier
versions.
OPC UA software certificates
This X.509 certificate identifies a specific version of the client or server software. These
certificates contain attributes that describe which tests this version of the software has
passed during certification by the OPC Foundation (or recognized test laboratories). For
the "Organization name" attribute, you enter the name of the company that has
developed or markets the software.
Note
Software certificates are not supported in STEP 7 V15.
OPC UA user certificates
This X.509 certificate identifies the specific user who, for example, accesses process data
from the OPC UA server of an S7-1500 CPU. This certificate is not required if the user
can authenticate themselves with a password, or if anonymous access is configured.
Note
User certificates are not supported in STEP 7 V15.
These certificates are end-entity certificates: they identify, for example, a person, an
organization, a company or an instance (installation) of software.
