Create a certificate
To communicate securely, OPC UA applications must have appropriate public certificates and corresponding private keys.
- In the title bar, select the drop-down arrow afterand select
FactoryTalk Optix Studio OptionsCreate certificate. - UnderSubject, complete:
- Common name. Name of the URL.
- Organization. Name of your organization.
- Organization unit. Division in your organization for which you are creating the certificate.
- Locality. City where your organization is located.
- State. Name of the state or province where your organization is located.
- Country. Country where your organization is located.
- UnderOPC UA information, complete:
- Application URI. Globally unique URI for the application.
- Domain names. Host name of the devices on which the application is run.IMPORTANT: DNS names are only recognized if they are lower case.
- IP addresses. IP addresses on which the application will run.
- UnderCertificate settings, complete:
- RSA key strength. The size, in bits, of the RSA key.IMPORTANT:TheRSA key strengthandSignature algorithmvalues are compatible with the OPC UA security policies that you set in the OPC UA server and OPC UA client objects.The higher theRSA key strengthandSignature algorithmvalues, the greater the use of resources for the encryption and decryption of messages between the server and client.
- Signature algorithm. Algorithm that creates the certificate.
- Expiration date. The SSL expiration date.
- InName, enter the name of the certificate.
- InLocation, enter or browse to the location to store the certificate.
- SelectCreate.
Rockwell Automation
recommends backing up the certificate to a personal folder outside of the project.certificate
Provide Feedback