Please ensure Javascript is enabled for purposes of website accessibility
Powered by Zoomin Software. For more details please contactZoomin

PI OPC UA Server

TABLE OF CONTENTS

AVEVA PI OPC UA Server configuration

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
  • Last UpdatedMar 30, 2026
  • 4 minute read
    • Developer

The settings on this page configure how an OPC UA client application connects to the PI OPC UA Server. This activity is usually performed during the installation of the PI OPC UA Server; however, it can be run independently using the Configurator program from the AVEVA Program Folder.

Prerequisite

A certificate file is required to enable configuration of the connection.

Configure Connection to OPC UA client

PI OPC UA Server uses a client certificate to manage access to the server from the client(s) when X.509 certificate authentication is enabled, the default installation setting. This security mechanism verifies the identity of a client that connects to the PI OPC UA Server. Before an OPC UA Client connects to the PI OPC UA Server using an X.509 certificate, that trusted certificate must be imported into the server to establish a secure connection. See the Security section for additional client authentication configuration details, like creating an OpenSSL certificate.

The window allows:

  • Selection of the client certificate

  • Port Number

  • Disabling authentication

  • Disabling encryption

  • Advanced configuration items

  • Determination of the type and amount of log information

AVEVA PI OPC UA Server configuration

X509 Client Certificates

Import Certificate

  1. Select Import Certificate.

  2. Locate the certificate file and select Open. The certificate loads.

  3. If necessary, under Trusted, deselect the certificate to disable using the certificate.

Server

Port Assignment

When the PI OPC UA Server is installed, the TCP port used for connections is set to 48032.

  1. Update the port number if using a different port than the default.

  2. Select Configure to save the changes.

    Note: The PI OPC UA Server (service) must be restarted any time the port number is updated. This restart is performed using the Windows Services control panel applet, named AVEVA PI OPC UA Server.

    Log Determination

    Select the level of log information desired. See Logging for additional details.

    Disable Security

    These options disable security so are not recommended and should only be used when troubleshooting.

    • Select Allow Anonymous Authentication to enable a client to connect without authentication.

    • Select Allow Security Policy None to disable any encryption with a client.

    Advanced

    Select Advanced to see a list of default settings that will be used. It is recommended to retain the default settings unless something specifically needs adjustment.

    Name

    Description

    Allowable Range Values

    Allow Self-Signed Certificates

    If true, allows certificates used for authentication to be self-signed. True by default.

    True or False

    Authentication Expiration

    The time interval used for expiring an authenticated client.

    1 min - 365 days

    Server Certificate Thumbprint

    Allows specification of a custom certificate's thumbprint used for securing an SSL/TLS socket. See Note below. Also, certificate must be present in the LocalMachine\Personal certificate store.

    n/a

    Retained Log Files

    The number of log files that are retained by the server.

    1 - 365

    Minimum Session Timeout

    The minimum time in milliseconds that a session must timeout.

    1 or greater

    Maximum Session Timeout

    The maximum time in milliseconds that a session can timeout.

    1 or greater

    Maximum Sessions

    The maximum number of concurrent sessions allowed on the server.

    1 or greater

    Minimum Publishing Interval

    The minimum time in milliseconds of the publishing interval for a subscription.

    1 or greater

    Publishing Interval Resolution

    The publishing interval resolution in milliseconds for a subscription.

    1 or greater

    Maximum Subscriptions

    The maximum number of concurrent subscriptions that may be open.

    1 or greater

    Maximum Session Subscriptions

    The maximum number of concurrent subscriptions that may be open in a given session.

    1 or greater

    Maximum Monitored Items per Subscription

    The maximum number of monitored items in a subscription.

    1 or greater

    Maximum Subscription Messages in Queue

    The maximum number of subscription messages that are held in the subscription queue.

    1 or greater

    Maximum History Read Data Points

    The maximum number of data points that may be requested by a history read operation.

    1 - 65535

    Repository Cache Max Size

    The maximum number of repository nodes that may be held in the cache.

    1 or greater

    Repository Cache Expiration

    The time interval in which a repository node is held in the cache.

    10 sec - 1 day

    Refresh Polling Interval

    The time interval used to poll for changes in the data source backing the repository.

    10 sec - 1 day

    Note: To find thumbprint of the certificate, double-click the certificate in the certmgr.msc window or the file itself. The thumbprint can be found on the Details tab:

    Finish Configuration

    Once all options have been chosen, select Configure to save the changes.

    In This Topic
    TitleResults for “How to create a CRG?”Also Available in