Create a certificate

To communicate securely, OPC UA applications must have appropriate public certificates and corresponding private keys.

In the title bar, select the drop-down arrow after

FactoryTalk Optix Studio Options

and select

Create certificate

Under

Subject

, complete:

Common name

. Name of the URL.

Organization

. Name of your organization.

Organization unit

. Division in your organization for which you are creating the certificate.

Locality

. City where your organization is located.

State

. Name of the state or province where your organization is located.

Country

. Country where your organization is located.

Under

OPC UA information

, complete:

Application URI

. Globally unique URI for the application.

Domain names

. Host name of the devices on which the application is run.

IP addresses

. IP addresses on which the application will run.

Under

Certificate settings

, complete:

RSA key strength

. The size, in bits, of the RSA key.

IMPORTANT:

The

RSA key strength

and

Signature algorithm

values are compatible with the OPC UA security policies that you set in the OPC UA server and OPC UA client objects.

The higher the

RSA key strength

and

Signature algorithm

values, the greater the use of resources for the encryption and decryption of messages between the server and client.

Signature algorithm

. Algorithm that creates the certificate.

Expiration date

. The SSL expiration date.

Name

, enter the name of the certificate.

Location

, enter or browse to the location to store the certificate.

Select

Create

Rockwell Automation

recommends backing up the certificate to a personal folder outside of the project.

OPC UA certificates and keys

Provide Feedback

Have questions or feedback about this documentation? Please submit your feedback here.