Here is a guide for connecting Ignition to a Kepware OPC-UA server.

  1. Disable anonymous logins.
    You could probably skip this step, but we feel it adds a bit more security, so we do it.

    1. Open the Kepware Configuration tool. Click “File” > “Project Properties…”.Picture 1
    2. Click the “OPC UA” tab. Change the “Allow anonymous login” option to “No”.Picture 1b
  2. Configure OPC-UA User
    1. Click “Settings…”.Picture 2a
    2. Click “User Manager” tab > Add user button.Picture 2b
    3. Add your user. This is just an example.Picture 2c
    4. Set user permissions as follows.Picture 2d
  3. Set up OPC-UA Endpoints.
    1. Click “OPC UA Configuration”.Picture 3a
    2. Make sure you add end points for the interfaces you want to use by clicking the “Add…” button.Picture 3bPicture 3b2Picture 3b3
  4. Import Ignition Client Certificate
    1. Browse to your gateway. Click” OPA-UA” > “Certificates”.
    2. Click “Download” to export your Client Certificate.
      Picture 4b
    3. Click “Trusted Clients” tab > “Import…” button to import the previously exported client certificate. Close OPC-UA Configuration Window.Picture 4c
  5. Re-initialize Kepware Runtime.
    1. Click “Reinitialize” to re-initialize the Kepware Runtime.Picture 5a
  6. Configure connection from Ignition to Kepware.
    1. On the Ignition gateway, click “OPC Connections” > “Servers” > “Create new OPC Server Connection….”
    2. Add an OPC-UA Connection.Picture 6b
    3. Configure the connection. You will need to enter your end point and user information from steps 2 and 3 here. If you are using a NAT to access your Kepware server from a remote subnet, you will need to override your endpoint hosts under the advanced settings, identified by the blue arrows. If you are not using a NAT, you should leave these blank.Picture 6c
    4. Click “OK”. You should now have a successful connection from Ignition to Kepware.Picture 6d