OPC UA communication
9.3 Using the S7-1500 as an OPC UA server
Communication
176 Function Manual, 12/2017, A5E03735815-AF
Explanation of fields for certificate generation
● CA
Select whether the certificate is to be self-signed or signed by one of the CA certificates
of the TIA Portal. The certificates are described under "Certificates with OPC UA
(Page 149)". If you want to generate a certificate that is to be signed by one of the CA
certificates of the TIA-Portal, the project must be protected and you must be logged in as
a user with all the required function rights. Further information can be found under
"Basics of user administration in the TIA Portal".
● Certificate holder
The default setting always consists of the name of the project and "\OPCUA-1". In the
example, the project name is "PLC1". In the properties of the CPU set the project name
under "General > Project information" > Name". Keep the default or enter a different
name that is more meaningful for the OPC-UA server under "Certificate holder".
● Signature
Here you select the hash and encryption process that is to be used when signing the
server certificate. The following entries are available:
– "sha1RSA",
– "sha256RSA".
● Valid from
Here you enter the date and time for the beginning of the validity of the server certificate.
● Valid until
Here you enter the date and time for the end of the validity of the server certificate.
Ensure that the certificate is valid not only for one year or a few years. In the example the
certificate is valid for 30 years. However, for reasons of security you should renew the
certificate at much shorter intervals. The long period of validity gives you the opportunity
to decide when a suitable moment would be, for example, when the system is being
serviced.
● Usage
The default is "OPC UA client & server". Keep this default for the OPC UA server. The
"Generate new certificate" dialog can be called from several points in STEP 7. If, for
example, you call this dialog for the Web server of the CPU, "Web server" is entered
under "Application". The following entries are available in the Usage drop-down list:
– "OPC UA client"
– "OPC UA client & server"
– "OPC UA server"
– "TLS"
– "Web server"
To Next Page
Loading...
