> For the complete documentation index, see [llms.txt](https://docs.videc.de/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.videc.de/june5-3.7/en/webanwendung/datenquellen/endpunkt-anlegen/opc-ua-ha.md). # OPC UA HA The following input fields (required fields) are described below: ### Name In this input field, a symbolic name of the newly created endpoint is entered. ### Identification A unique identification is entered here. ### Enabled If the check box is set, the OPC UA HA endpoint is enabled. Otherwise the endpoint remains disabled. ### Server URL The endpoint URL of the OPC UA Server is entered here. ### Username Optionally, the username of the OPC UA Server can be entered here. Whether this is necessary depends on the OPC UA Server. Further information on this can be found in the manual of the respective OPC UA Server. ### Password The password for the user specified in the Username field is entered in this field. ### OPC UA Certificates To allow JUNE5 to query information from an OPC UA Server, an OPC UA Client has been embedded in JUNE5. This OPC UA Client connects directly to the OPC UA Server and forwards its data to the JUNE5 web application. Depending on the security settings of the server being accessed, this data can be encrypted or signed using certificates. The following security settings can be present on OPC UA Servers: * *None* - Neither signed nor encrypted * *Sign* - Signed only * *Sign & Encrypt* - Signed and encrypted If the data to be transmitted is signed and encrypted, JUNE5 automatically selects the security setting for the OPC UA Server. The certificates of each communication partner are exchanged during the first connection. Subsequently, these must be trusted on both the server and client side. ### Trusting an OPC UA Server on the JUNE5 OPC UA Client JUNE5 trusts a server certificate by placing it in a specific directory. During the JUNE5 installation, the directory C:\ProgramData\VIDEC\JUNE5\Certificates\OPCUA\PKI is created. This folder contains the necessary structure so that OPC UA certificates can be handled correctly. Depending on which folder a certificate is located in, it is classified as trusted or untrusted. The following image shows this directory structure relative to the JUNE5 configuration directory: ![](/files/t85Lu0uTMKzM272WbiBX) #### own > certs: Public key of the OPC UA Client #### own > private: Private key of the OPC UA Client #### rejected: Certificates from servers with which JUNE5 attempts to communicate. These certificates can either be classified as trusted or blocked. #### trusted > certs Certificates from trusted OPC UA Servers #### trusted > crl Certificates from untrusted OPC UA Servers For each OPC UA Server used as a data source in JUNE5, the public key of the server is stored in "DER format" in the folder *C:\ProgramData\VIDEC\JUNE5\Certificates\OPCUA\PKI\rejected* if a secure connection to this server was not previously established. To trust a server, the public key of the server must be copied to the directory *C:\ProgramData\VIDEC\JUNE5\Certificates\OPCUA\PKI\trusted\certs*. If the public key is copied to the directory *C:\ProgramData\VIDEC\JUNE5\Certificates\OPCUA\PKI\trusted\crl*, the OPC UA Server is not trusted. ### Trusting the JUNE5 OPC UA Client on the OPC UA Server The OPC UA Client embedded in JUNE5 creates a self-signed certificate. This is located in the directory *C:\ProgramData\VIDEC\JUNE5\Certificates\OPCUA\PKI\own*. Since the various steps to trust OPC UA Clients depend on the respective OPC UA Server, these can be found in the manuals of the respective servers. {% hint style="info" %} * Note that the connection test to the OPC UA Server will always fail if the OPC UA Certificates checkbox is set. This can persist until the respective applications have mutually trusted each other. How OPC UA Servers with enabled security settings can be registered in JUNE5 can be found in the OPC UA Certificates chapter. * For OPC UA Servers from the manufacturer Certec, the character string BF=AT (BF: Browse Filter; AT: Atvise) can be entered as an optional parameter. This optimizes the browsing of measurements for the endpoint by starting the search for measurements from the AGENT.OBJECTS node. * OPC UA accepts the following URL format: https\://..., http\://..., opc.tcp\://... * For example: opc.tcp\://localhost:4840 or * If JUNE5 authenticates to an OPC UA Server with a certificate, the connection is established with the highest available security setting of the OPC UA Server. * When saving or subsequently changing the setting, all required fields must be filled in. * Required fields are those fields whose left border is marked in red. {% endhint %} ## Test Connection Using the *Test Connection* button in the horizontal toolbar, the connection to the endpoint can be tested. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.videc.de/june5-3.7/en/webanwendung/datenquellen/endpunkt-anlegen/opc-ua-ha.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.