This section describes the settings associated with the connection point (endpoint). Endpoint determines the connection address and the required security modes that OPC UA clients must use.
Monokot OPC Server provides communication for OPC UA clients only using the UA TCP protocol (binary data transfer protocol). Default UA TCP endpoint is opc.tcp://localhost:43043/MonokotOPC
- Port – specifies the port to connect to the UA TCP endpoint (by default 43043)
- Channel Lifetime – specifies the number of milliseconds, after which the server frees up resources for the channel
If you use firewall you must add the incoming connections rule for OPC UA clients
The TCP UA endpoint allows you to encrypt and verify authenticity of transmitted data and provides the following security policies:
- None – allows for transfer of data without encryption
- Basic128Rsa15, Basic256, Basic256Sha256 – allows you to transfer encrypted data in different modes
After changing and synchronizing the settings described above the OPC UA server will be automatically restarted
A custom security certificate can be specified for UA TCP Endpoint. To do this, you need to import the certificate from a PFX file. To import a custom security certificate, open the OPC UA manager in Monokot Server Administrator and switch to the UA TCP Endpoint tab.
Click the Import button and choose the PFX file. Enter password for the certificate (if no password is used, leave the field empty) and click OK. For the changes to take effect on the server, click Sync or press the F5 key. The UA TCP Endpoint tab also offers the following possibilities:
- To reissue the security certificate
- To reset the custom security certificate to the server’s default certificate
- To export the certificate (public key) to a CRT file
Monokot Server Administrator offers a tool for creating a self-signed PFX certificate. To launch it, choose Tools → Create Self-signed certificate… in the main window.