It looks like you are coming from United States, but the current site you have selected to visit is Canada. Do you want to change sites?

Yes, please. No. Keep me on the current site.

Xylem logo
Enable high contrast mode

Installation

Install OPC UA Connector

OPC UA Connector is designed to work behind a private network. Exposing the software to the internet introduces security risks. If the user already have a version of OPC UA Connector installed, follow the First time installation otherwise follow Upgrade OPC UA Connector.

First time installation

The OPC UA Connector can be installed as a Windows service or in stand-alone mode. Regardless of the installation method the OPC UA Connector creates the folder C:\ProgramData\OPC UA Connector to store the data.

Windows service

  1. Unzip the given OPC UA Connector zip file in a folder
  2. Run service-install-start.bat
  3. OPC UA Connector is registered and starts as a Windows service

Stand-alone mode

OPC UA Connector does not start automatically after a restart or when a remote session is closed. The user must delete the folder C:\ProgramData\OPC UA Connector manually when the OPC UA Connector is not used.

  1. Unzip the given OPC UA Connector zip file in a folder
  2. Run: run.bat

Upgrade OPC UA Connector

This section is applicable when the OPC UA Connector is installed as a Windows service and a previous installation exists.

To upgrade the OPC UA Connector:

  1. Unzip the new version of OPC UA Connector in a folder. It creates two OPC UA Connector installations: 
Installation 1 folderpath/opc-ua-connector-previous-version
Installation 2 folderpath/opc-ua-connector-new-version

 

  1. Run opc-ua-connector-new-version/service-installstart.bat

    Running the script installs and starts a new version of the OPC UA Connector as a Windows service.

Stop OPC UA Connector

This section is applicable when the OPC UA Connector runs as a Windows service.

  • Run service-stop.bat

Restart OPC UA Connector

This section is applicable when the OPC UA Connector runs as a Windows service.

  • Run service-restart.bat

Uninstall OPC UA Connector

This section is applicable when the OPC UA Connector installed as a Windows service.
To uninstall the OPC UA Connector, run one of the following scripts:

service-uninstall.bat It deletes the OPC UA Connector Windows service.
service-uninstall-delete-data.bat It deletes the OPC UA Connector Windows service and the folder
C:\ProgramData\OPC UA Connector, which contains the configuration, certificates and data used by OPC UA Connector.

 

The user must manually delete the folder which contains the extracted OPC UA Connector distribution file.

Enable Secure Connect Communication

  1. Open the chrome browser and navigate to the OPC UA Connector Web UI.
    http://localhost:8087
  2. Use the default credentials to log in.
    Note: The default credentials are insecure, it is important to change the credentials before allowing clients to connect to OPC UA Connector.
username admin
password password

 

  1. After login, the OPC UA Connector Web UI asks for a password change if the default password was detected to be in the use. If the password is changed, the status view will be displayed.
  2. In the top menu, click on the Secure Connect credentials, to navigate to the Secure Connect credentials view.
  3. Click on the Edit button and enter a Client id and Client secret. The client ID and client secret are provided by a Xylem representative.
  4. Click Save, wait for 10 seconds, and then click Validate.
  5. A dialog with the message The credentials are valid appears. If the dialog shows an error, it means that client ID and client secret are not correct. Contact a Xylem representative for the valid credentials.

Add users

User roles

Users in OPC UA Connector can have one of the roles below:

Role Description
Admin Represents a system administrator that will configure the application via OPC UA Connector Web UI and may also connect via OPC UA.
OpcUa Read Represents a user or client that will only connect via OPC UA with Read only mode but will not require access to OPC UA Connector Web UI.
OpcUa Read/Write Represents a user or client that will only connect via OPC UA with Read/Write mode but will not require access to OPC UA Connector Web UI.

 

Feature Admin OPCUA Read OPCUA Write
Web UI access X    
OPC UA Read X X  
OPC UA R/W X X X

 

Create a user

  1. Navigate and login into OPC UA Connector Web UI.
  2. In the top menu, click Users.
  3. Click the Add user button.
  4. Fill the required user information, and click Save.

Connect via OPC UA

Requirements:  OPC UA Connector server is succesfully setup and running. For details refer to Enable Secure Connect Communication

  1. Configure your OPCUA client to connect to the following URI: opc.tcp://[IP or computer name]:52531/OPCUA/opcua-connector
  2. Enter the endpoint in the OPC UA client.
    • The user must replace the IP and the computer name in the url based on the OPC UA Connector server setup. Do not copy and paste the url.
    • All the available endpoints are listed under Status > endpoint link.
    • Give the credentials of a user created in the section Add users.
  3. Choose one of the supported security policy:
Security Policy Sign Sign & Encrypt
Basic256SHA256 X X*
Basic256   X

* Recommended for best security

When an OPC UA client tries to connect to the OPC UA Connector for the first time, the response Bad_SecurityChecksFailed(0x80130000) is received. By default, the client certificate is not trusted by the server. The user must configure the OPC UA Connector to trust the certificate:

  1. Navigate and log in to OPC UA Connector WebUI.
  2. In the top menu, click Certificates.
  3. Navigate to the tab Rejected.
  4. Find the certificate to trust, and click the icon Trust server certificate.

A client certificate can also be moved from Trusted to Rejected or even deleted if necessary.

OPC UA Connector Guide Sections