Protecting OPC UA Data Items (OPC UA Toolkit)
- Updated2023-02-21
- 2 minute(s) read
Protecting OPC UA Data Items (OPC UA Toolkit)
Compared with classic OPC, OPC Unified Architecture (UA) offers expanded security across servers and clients by utilizing private keys and public keys. A certificate file contains a pair of keys: a public key and a private key.
You can use the Add Trusted Clients VI to add a public key that an OPC UA client uses to an OPC UA server. You can use the Connect VI to specify the public key that an OPC UA server uses.
By default, the OPC UA server or client trusts the certificate file it uses. Ensure that the public key and private key have the same name and reside in the same folder. You can use an existing certificate file. If you do not specify a certificate file for the OPC UA server or client to use, LabVIEW creates a certificate file, Default OPC UA, to use when you create an OPC UA server or client at run time. You also can use the Create Certificate VI to create a certificate file.
The following table shows the location of the certificate file that LabVIEW creates at run time or when you use the Create Certificate VI.
| Operating System | File Path to the Certificate File | Note |
|---|---|---|
| Windows | C:\ProgramData\National Instruments\certstore\opcua\ | You can find public keys and private keys in the file path to the certificate file. |
| NI Linux Real-Time | /var/local/natinst/certstore/opcua/ | You can find public keys and private keys in the file path to the certificate file. |
 | Note Public key commonly appears with a .der file extension and private key has a .pem file extension. |