Instance Attributes (Instance #42, OPC UA SecurityPolicyNone)
This instance provides the possibility to enable an endpoint with SecurityPolicyNone as a first step. In a second step, it is also possible to enable the UserIdentityTokenPolicy Username_None on all endpoints. In the first step all data will be transmitted in clear text, except protected login credentials. This mode is suitable when debugging the network. In the second step it is possible to connect to the OPC UA server, completely without certificates. However, the login credentials are transmitted in clear text in this mode and it should only be used during development or fault investigation of a device, on a network that cannot be monitored by external parties.
For more information, see Endpoints.
Important
If the application is to pass the conformance test for OPC UA, this setting must be protected by administrator rights and must be disabled by default. Value 2 (Endpoint + UserIdentityToken) is not conformant.
# | Name | Access | Data Type | Description |
|---|---|---|---|---|
1 | Name | Get | Array of CHAR | “OPC Unsecure” (Multilingual, see page Multilingual Strings) |
2 | Data type | Get | UINT8 | 08h |
3 | Number of elements | Get | UINT8 | One data element |
4 | Descriptor | Get | UINT8 | bit 0: 1 = Read access bit 1: 1 = Write access bit 2: 1 = Shared access |
5 | Value | Get/Set | ENUM | Actual OPC UA “Enable unsecure endpoint” setting 0 = “Disable” (Unsecure endpoint disabled) 1 = “Endpoint” (Unsecure endpoint enabled) 2 = “EndP+UserId” (Unsecure endpoint with Username_None UserTokePolicy enabled) (Multilingual, see page Multilingual Strings) Value set to this attribute will be used after next restart. If read, the actual value will be received. If written, the written value is reflected in attribute #6 until a restart. |
6 | Configured value | Get | ENUM | Default value: 0 Configured OPC UA “Enable unsecure endpoint” setting |