Please ensure Javascript is enabled for purposes of website accessibility
Powered by Zoomin Software. For more details please contactZoomin

AVEVA™ InTouch HMI

Use OI Gateway to configure the client security certificate

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
TABLE OF CONTENTS

Use OI Gateway to configure the client security certificate

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
  • Last UpdatedMay 29, 2025
  • 2 minute read

Gateway Communication Driver provides a convenient method for configuring security certification on the server and client OPC UA nodes.

Configure the security certificate through Gateway Communication Driver

  1. From the Start Menu on the run-time node, open the Operations Control Management Console. (Start > AVEVA > Operations Control Management Console)

    Configure OPCUA Client Security certificate

  2. In the console tree, navigate to the OI.GATEWAY.3 node under Operations Integration Supervisory Servers.

  3. Create an OPC UA connection.

  4. Configure OPC UA Server Details.

    • Server Node: Enter the machine name of the run-time node.

    • OPC UA Server: This is the URI (uniform resource identifier) for the OPC UA server (the run-time node). The address must be entered manually because it is not currently discoverable. Enter it in the format opc.tcp://<machine name>:<OPC UA port number>

      Use the OPC UA port number that you entered when configuring the InTouch OPC UA Server in InTouch HMI Application Manager. The default port number is 48032.

  5. Enter the authorization and authentication credentials.

    You must match the authorization settings configured in the OPC UA server dialog. If the Require Security Authentication checkbox is checked, then you must select the following settings:

    • Security Policy: Basic256Sha256.

    • Security Message Mode: Sign and Encrypt.

    • Under User Credentials, select Anonymous User to allow anonymous access. You can also provide user credentials of authenticated users if the corresponding option was selected during OPC UA configuration. The user credentials provided must be part of the InTouchHMIOPCUAWriteUsers user group.

  6. Select the Test button. The test will fail, but it will download the OPC UA certificate.

    IMPORTANT! The reason for this initial test failure is because the certificates between the client and server applications must be trusted. Installing the certificates will fix this.

  7. Go to the next section.

Once the certificates are trusted, the OPC UA client configuration will need to be validated.

For more information see Configure an OPC UA Data Source Object.

TitleResults for “How to create a CRG?”Also Available in