3.4 Certificate handling
During the first connection attempt of the client the certificate of the client will be transferred
to the SINUMERIK OPC UA server. If the setting "Accept certificates automatically" is set, the
client certificate will be automatically trusted and the connection can be established. If the
setting is deactivated, the certificate will be treated as untrusted and needs to be trusted
manually before the connection can be established.
In this case, the server will report an error (BadSecurityChecksFailed) on initial connection
attempt if the provided client certificate is not trusted.
Prerequisites
Note
Trusting client certificates is only possible with the SINUMERIK protection level 1
(manufacturer).
Trusting clients certificates manually
This procedure is only necessary, if the setting "Accept certificates automatically" is
deactivated.
1. Select the operating area "Setup" in SINUMERIK Operate.
2. Press the softkey “System data”.
3. In the files and folders tree navigate to:
● Embedded systems (NCU 840Dsl / 828D):
"System CF Card/addon/sinumerik/hmi/opcua/pki/rejected"
● PCU system:
"System harddisk/C:
System/ProgramData/Siemens/MotionControl/addon/sinumerik/hmi/
opcua/pki/rejected"
4 Select the rejected certificate.
5. Press softkey “Cut”.
6. Navigate to folder “trusted/certs”.
7. Press softkey “Paste”.
Setting up of OPC UA server
3.4 Certificate handling
SINUMERIK Integrate for Engineering Access MyMachine / OPC UA
22 Configuration Manual, 12/2017, 6FC5397-1DP40-6BA1
To Next Page
Loading...
General
