This plugin is based on the S2OPC open source library.
OPC UA server protocol stack configuration
Attributes definition
| Attribute | Description | Expected values | Mandatory |
|---|---|---|---|
| url | The server URL endpoint | “opc.tcp://:[/sub/path]” e.g. “opc.tcp://localhost:4841” | YES |
| appUri | The application URI | e.g. “urn:S2OPC:localhost” | YES |
| productUri | The product URI | e.g. “urn:S2OPC:localhost” | YES |
| appDescription | Application description | Any non-empty string. | YES |
| localeId | The default language Id. | e.g. "en-US", "fr-FR", ... | YES |
| namespaces | List of namespaces URI, starting at namespace 1. Thus, the array should contain only one name. (Array is kept for portability) | e.g. for 2 users namespaces (ns=1, ns=2): [ "urn:S2OPC:localhost", "urn:S2OPC:localhost_2" ] | YES |
| policies | Array of accepted policies If no security is required: | YES | |
| policies.securityMode | The security mode | A string among “None”, “Sign” and “SignAndEncrypt” (case insensitive) | YES |
| policies.securityPolicy | The security policy | A string among “None”, “Basic256”, “Basic256Sha256”, “Aes128Sha256RsaOaep” and “Aes256Sha256RsaPss” | YES |
| policies.userPolicies | The user policy If no security is required, "Anonymous" should be used | A string among “Anonymous”, “username”, “username_None”, “username_Basic256” | YES |
| users | A map of 'user':'password'. If no user-authentication is required, it can be an empty object | e.g: {"user" : "password", "user2" : "xGt4sdE3Z+" } e.g: {} | YES |
| certificates | Note: all certificate files are expected to be provided in the $(FLEDGE_INSTALL)/data/etc/certs/s2opc_srv folder | NO | |
| certificates.serverCertPath | The Server certificate filename (DER format) | e.g. "server_2k_cert.der" | NO |
| certificates.serverKeyPath | The Server key filename (PEM format) | e.g. "server_2k_key.pem" | NO |
| certificates.trusted_root | The list of trusted root certificates (DER) | e.g. [ "cacert.der" ] | NO |
| certificates.trusted_intermediate | The list of trusted intermediate certificates (DER) | Same as “trusted_root” | NO |
| certificates.revoked | The list of revoked certificates (DER) | Same as “trusted_root” | NO |
| certificates.untrusted_root | The list of untrusted root certificates (DER) | Same as “trusted_root” | NO |
| certificates.untrusted_intermediate | The list of untrusted intermediate certificates (DER) | Same as “trusted_root” | NO |
| certificates.issued | The list of untrusted issued certificates (DER) | Same as “trusted_root” | NO |
Configuration JSON structure
{
"transport_layer":{
"url":"opc.tcp://localhost:4841/OPCUA/s2opc",
"appUri":"urn:S2OPC:localhost",
"productUri":"urn:S2OPC:localhost",
"appDescription":"Application description",
"localeId":"en-US",
"namespaces":[ "urn:S2OPC:localhost" ],
"policies":[
{
"securityMode":"None",
"securityPolicy":"None",
"userPolicies":[
"anonymous"
]
},
{
"securityMode":"SignAndEncrypt",
"securityPolicy":"Basic256Sha256",
"userPolicies":[
"username_Basic256Sha256",
"username_None"
]
}
],
"users":{ "user":"password", "user2":"xGt4sdE3Z+" },
"certificates":{
"serverCertPath":"server_2k_cert.der",
"serverKeyPath":"server_2k_key.pem",
"trusted_root":[ "cacert.der" ],
"trusted_intermediate":[],
"revoked":["cacrl.der"],
"untrusted_root":[],
"untrusted_intermediate":[],
"issued":[]
}
}
}