opcuaconfig

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
opcuaconfig [2025/03/24 20:16]
wikiadmin [Notes] 		opcuaconfig [2025/03/24 20:27] (current)
wikiadmin [Notes]
Line 10: Line 10:
 | **opcua.tcp.port** | (Optional) TCP port for OPC UA binary (opc.tcp) connections. | `12686` | | **opcua.tcp.port** | (Optional) TCP port for OPC UA binary (opc.tcp) connections. | `12686` |
 | **opcua.https.port** | (Optional) Port for HTTPS-based OPC UA connections. | `8443` | | **opcua.https.port** | (Optional) Port for HTTPS-based OPC UA connections. | `8443` |
-| **opcua.certificates.dir** | (Required) Directory containing the server certificate. | *none* | 
 | **opcua.serverpass** | (Required) Password for the server certificate's private key. | *none* | | **opcua.serverpass** | (Required) Password for the server certificate's private key. | *none* |
 | **opcua.trusted.cert.location** | (Optional) Location of the client PKI folder. Must contain subfolders: `trusted/`, `rejected/`, and `issuers/`. | `security/security/pki` | | **opcua.trusted.cert.location** | (Optional) Location of the client PKI folder. Must contain subfolders: `trusted/`, `rejected/`, and `issuers/`. | `security/security/pki` |
 | **opcua.bind.address** | (Optional) Additional local network interfaces to bind to. Useful for multi-homed systems. | *none* | | **opcua.bind.address** | (Optional) Additional local network interfaces to bind to. Useful for multi-homed systems. | *none* |
 | **opcua.securitypolicy** | (Optional) Security policy for server endpoints. Supported values: ''None'', ''Basic128Rsa15'', ''Basic256'', ''Basic256Sha256'', ''Aes128_Sha256_RsaOaep'', ''Aes256_Sha256_RsaPss''. If not specified, ''Basic256Sha256'' is used. | `Basic256Sha256` | | **opcua.securitypolicy** | (Optional) Security policy for server endpoints. Supported values: ''None'', ''Basic128Rsa15'', ''Basic256'', ''Basic256Sha256'', ''Aes128_Sha256_RsaOaep'', ''Aes256_Sha256_RsaPss''. If not specified, ''Basic256Sha256'' is used. | `Basic256Sha256` |
 +| **allow.anonymous.identities** | (Optional) Allow anonymous identities.  If false a username/password is required to connect | *false* |
 ==== Notes ==== ==== Notes ====
  
-  * The server always exposes an endpoint with a security policy of **''None''**, but it is bound only to the local interface (''localhost''). This allows local applications to connect easily for testing and development purposes. It does **not** pose a security risk because it is not accessible from external systems.+  * The server always exposes an endpoint with a security policy of **''None''**, but it is bound only to the local interface (''localhost''). This allows local applications to easily connect to the server. It does **not** pose a security risk because it is not accessible from external systems.
   * Security policies ''Basic256'' and ''Basic128Rsa15'' are deprecated and should not be used unless required for legacy interoperability.   * Security policies ''Basic256'' and ''Basic128Rsa15'' are deprecated and should not be used unless required for legacy interoperability.
   * Certificates for trusted clients should be placed in the `trusted/` folder within the specified `opcua.trusted.cert.location` directory. Rejected and issuer certificates should go in the `rejected/` and `issuers/` folders respectively.   * Certificates for trusted clients should be placed in the `trusted/` folder within the specified `opcua.trusted.cert.location` directory. Rejected and issuer certificates should go in the `rejected/` and `issuers/` folders respectively.
-  + 
- +
 ===TransSECS OPC-UA Server Setup=== ===TransSECS OPC-UA Server Setup===
  
  • opcuaconfig.1742865390.txt.gz
  • Last modified: 2025/03/24 20:16
  • by wikiadmin