Online Forums

Technical support is provided through Support Forums below. Anybody can view them; you need to Register/Login to our site (see links in upper right corner) in order to Post questions or issues. You do not have to own a commercial license in order to use the OPC Labs support. Our team is actively monitoring the forums, and provides replies as soon as possible.

Please read Rules for forum posts before reporting your issue or asking a question. OPC Labs team is actively monitoring the forums, and replies as soon as possible.

Various technical information can also be found in our Knowledge Base. For your convenience, we have also assembled a Frequently Asked Questions page.

Do not use the Contact page for technical issues.

OPCUA Client certificates

support
Offline
Moderator

More

27 Apr 2026 13:18 #14614 by support

Replied by support on topic OPCUA Client certificates

Hello.

Please study a little bit about OPC UA security, because parts of your request are confused. The very first thing to know is that there in OPC UA, there is both application security, and user security, and they are independent. Application security, if used, is always done using certificates. User security, if used, can be done using username/password, or using certificates (and there are other methods too). So there are not just "three methods" you mentioned, as there are combinations.

Read the documentation:
- www.doc-that.com/files/onlinedocs/OPCLabs-ConnectivityStudio...0Client-Server%20Security.html

There is a whole chapter in the doc about the fact that QuickOPC-based apps auto-generate their self-signed instance certificates, so you do not need to do anything in this respect.

Whether the application-level security is used or not is determined by a negotiation between the client and the server. In case multiple options are supported by both parties, QuickOPC will choose one. If you want to specifically say that the application must be unauthenticated, or that it must be authenticated, set the endpoint selection policy in the endpoint descriptor similar to this:

Code:

           
// Define which server we will work with.            
UAEndpointDescriptor endpointDescriptor = "opc.tcp://opcua.demo-this.com:51210/UA/SampleServer";            
// Require secure connection, in order to enforce the certificate check.            
endpointDescriptor.EndpointSelectionPolicy = UAMessageSecurityModes.Secure;

In order to use username and password, use code similar to this:

Code:

UAEndpointDescriptor endpointDescriptor = 
        ((UAEndpointDescriptor)"opc.tcp://opcua.demo-this.com:51210/UA/SampleServer")
        .WithUserNameIdentity("appadmin", "demo");

I hope this helps
Best regards

Please Log in or Create an account to join the conversation.

dastan.zhalilov@erg.kz
Topic Author
Offline
Elite Member

More

27 Apr 2026 11:29 #14613 by dastan.zhalilov@erg.kz

OPCUA Client certificates was created by dastan.zhalilov@erg.kz

Hi support!
Please explane me, how do we use OPC UA self developed client application on c# to connect to different OPC UA Server ? Forexample, we have OPC UA Server by Cimplicity, I want to connect using certificates or using login/password. How can I do this?
Do you have any codes on c# that use three methods connection: anonymous, login/password and certificates.
And how we generate self-signed certificate ( certificate of OPCLABS or certificate of our developed client application?) to place into trusted folder on the OPC UA Server side?
Our OPC Labs library version is 5.80.347.1

Please answer us ASAP,
Thank you!

Please Log in or Create an account to join the conversation.

Moderators: support, vaclav.zaloudek

Time to create page: 0.114 seconds

Powered by Kunena Forum