Softing dataFEED uaGate 840D User Manual Download Page 18 | Manualshive

Page: 18 / 47

background image

14

© Softing Industrial Automation GmbH

dataFEED Gateway - User Manual

4.2.4 Manage Client Certificates

The

Manage Client Certificates

view supports the the management of existing certificates, the upload of new

certificates and the display of certificate properties in a table.

For a certificate of an OPC UA Client to become trusted (from view of the OPC UA Server in the dataFEED
Gateway) the following conditions need to be fulfilled:

1.

The certificate is digitally signed and the whole chain of certificates used for signing is available to the
dataFEED Gateway. It is either stored in the

CA

(Certificate Authority) folder or in the

Trusted certificates

folder (see below).

2.

The certificate is stored in the dataFEED Gateway. Self-signed certificates need to be stored in the

Trusted

certificates

folder to become trusted. This classification stays valid unless a certificate is declared not

trusted.

3.

In addition, it is checked for user authentication that the certificate is not stored in the

Rejected certificates

folder in the dataFEED Gateway.

Upload new certificate

To ease certificate management, the OPC UA Server in the dataFEED Gateway stores each new client certificate
in the

New certificates

folder using the binary

DER

format. Additional

DER

format certificates can be uploaded in

the dataFEED Gateway using the

Browse...

button.

Declare a certificate trusted

To declare a certificate trusted, move it into the

Trusted certificates

folder. To do so, select the certificate and

click the

Move to trusted folder

(

) button.

Note

Check the certificate's fingerprint to make sure you declare the correct certificate trusted.

Declare a certificate not trusted

To exclude a certificate from being trusted, remove it from the

Trusted certificates

folder. To do so, select the

certificate and delete it by clicking the

Delete certificate

( ) button or move it to the

Rejected

folder by clicking

the

Move to rejected folder

(

) button.

Note

If the certificate is deleted, it may reappear in the

New certificates

folder, if the certificate owner

tries to re-connect.

Manage certificate authorities certificates

The certificates of certificate authorities (CA) are certificates that are required to verify that (not self-signed)

certificates in the

Trusted Certificates

folder are valid. These certificates are uploaded in the dataFEED

Gateway as follows:

1.

Upload the

DER

format certificate into the

New certificates

folder (see above).

2.

Select the uploaded certificate and click the

Move to certificate authority (CA)

(

) button to move it to the

CA

folder.

«
...
16
17
18
19
20
...
»

Summary of Contents for dataFEED uaGate 840D

Page 1: ...dataFEED Gateway edgeGate uaGate SI uaGate MB and uaGate 840D User Manual Version EN_171_190601 2013 2019 Softing Industrial Automation GmbH ...

Page 2: ...e of printing of it and is passed on with the best of our knowledge The information in these instructions is in no event a basis for warranty claims or contractual agreements concerning the described products and may especially not be deemed as warranty concerning the quality and durability pursuant to Sec 443 German Civil Code We reserve the right to make any alterations or improvements to these ...

Page 3: ...eements Chapter 4 11 IT Settings 11 4 1 IT Network Configuration 12 4 2 OPC UA Server 12 Generate Server Certificate 4 2 1 13 OPC UA Security 4 2 2 13 OPC UA Authentication 4 2 3 14 Manage Client Certificates 4 2 4 15 4 3 MQTT Broker Configuration 16 MQTT Topic Settings 4 3 1 18 MQTT Topic Selection 4 3 2 19 MQTT Security Settings 4 3 3 20 MQTT Client Certificate 4 3 4 21 MQTT Last Will Settings 4...

Page 4: ...ERIK 840D Settings 5 2 4 35 Symbol Import NCU 5 2 4 1 35 5 3 Symbol View Chapter 6 36 Service Settings 36 6 1 Time Settings 36 6 2 Reset 37 6 3 Firmware Update 37 6 4 Backup and Restore 38 6 5 User Password 38 6 6 micro SD Card 39 6 7 Support Chapter 7 40 LED Status Indicators Chapter 8 41 Technical Data Chapter 9 42 Declarations of Conformity ...

Page 5: ...ligence softing com products iot gateways Note Faultless and safe operation of the product requires proper transport proper storage and installation and expert operation and maintenance in accordance with the manual Note If the notes stated in this document are not observed or in case of inappropriate handling of the device our liability is waived In addition the warranty on devices and spare part...

Page 6: ...he batteries to ignite or explode and pose a burn hazard to users CAUTION During operation the device s surface will be heated up Avoid direct contact When servicing turn off the power supply and wait until surface has cooled down Note Do not open the housing of the dataFEED Gateway It does not contain any parts that need to be maintained or repaired In the event of a fault or defect remove the de...

Page 7: ... by qualified personnel only personnel qualified according to the German standard TRBS 1203 or similar Technical Regulations for Operational Safety The definition of terms can be found in IEC 60079 17 Mounting 1 Hook the upper notch of the cut out on the back of the dataFEED Gateway into a 35 mm DIN rail 2 Press the dataFEED Gateway down towards the rail until it slides into place over the lip of ...

Page 8: ...have a cross section of 1 5 mm Wiring diagram for hardware version 1 01 and lower Pin Signal Description 4 L2 Redundant positive supply voltage 3 L Positive supply voltage 2 Functional Earth 1 GND Ground Wiring diagram for hardware version 1 02 and higher Pin Signal Description 1 L2 Redundant positive supply voltage 2 L Positive supply voltage 3 Functional Earth 4 GND Ground CAUTION The Functional...

Page 9: ...digits letters of the serial number For example if the serial number is 123456789ab the host name is uagate89ab or edgegate89ab 1 Connect the lower Ethernet socket MACHINE directly to a laptop 2 Set the laptop IP address to 192 168 1 1 24 3 Open your browser and enter the address http hostname respectively https hostname 3 Open your browser and enter the address http 192 168 1 111 respectively htt...

Page 10: ...the range of the operating temperature of the dataFEED Gateway The storage capacity of the micro SD card may not exceed 32 GB 1 Remove the card slot cover on the bottom of the device 2 Insert the micro SD card carefully into the slot until the card clicks into place 3 Place the cover back on the housing 4 Open the user interface of the gateway and check if the micro SD card is recognized by the de...

Page 11: ...gical network connections Both network connections ports have their own network segment Thus make sure that IP addresses used differ depending on the network segment Example Subnet mask 255 255 255 0 IP address 1 192 168 1 1 IP address 2 192 168 2 1 Common network If there is only one logical network than it is recommended to connect only the IT Ethernet interface with this network In this case th...

Page 12: ... due to an error in the configuration use the reset button at the lower front side of the device This will reset the dataFEED Gateway to the factory settings Reset the configuration to factory defaults 1 Disconnect the dataFEED Gateway from the power supply 2 Re connect it to the power supply and hold down the reset button until the LEDs SYS RUN and ERR light up red for about one second Hint To pr...

Page 13: ...e status of the connection between the device and the controller as configured in the Machine Settings web server view see Machine Network If the connection has been successfully established the status OK is shown Hardware Status Temperature Device temperature in C Memory Load Percentage of RAMusage Flash Memory Load Percentage of usage of the internal flash file system micro SD Card Load Mount st...

Page 14: ...erial Number Firmware Version Kernel Version Hardware Version Order Number 3 4 Licence Agreements The License Agreement view provides links to List of public domain software and their license information Package copyright information A detailed list of used licenses can be found at http opensource softing com IA dataFEEDUAGateway V1 ...

Page 15: ...common network Obtain an IP Address from a DHCP Server If enabled the device should obtain network settings by DHCP for the IT Ethernet interface If disabled static settings are used see above By default network setting by the DHCP server is enabled DNS Address IP address of the Domain Name Server to be used by the dataFEED Gateway This setting might be overwritten by the DHCP server IPv6 Read onl...

Page 16: ...eld Validity period of certificate that is generated days allows you to determine the duration for which the generated certificate is valid The validity period starts with the current system time and ends after the number of days given in this field Make sure you have configured the system time correctly before generating the OPC UA Server certificate refer to Time Settings for details The default...

Page 17: ...c256 Support of high message security The OPC UA Client certificate needs to be trusted see Manage Client Certificates Basic256Sha256 Support of very high message security The OPC UA Client certificate needs to be trusted see Manage Client Certificates Note The Basic256Sha256 security policy can only be set if the certificate has been generated with firmware version V1 40 or higher 4 2 3 OPC UA Au...

Page 18: ...ent certificate in the New certificates folder using the binary DER format Additional DER format certificates can be uploaded in the dataFEED Gateway using the Browse button Declare a certificate trusted To declare a certificate trusted move it into the Trusted certificates folder To do so select the certificate and click the Move to trusted folder button Note Check the certificate s fingerprint t...

Page 19: ... by the dataFEED Gateway It is composed of the transport protocol the Fully Qualified Domain Name FQDN consisting of the host name and the domain name see https en wikipedia org wiki Fully_qualified_domain_name for details and optionally the port number The following transport protocols are supported o tcp MQTT uses plain TCP Often MQTT Brokers offer this service at port 1883 o ssl MQTT uses SSL o...

Page 20: ... root topic and the automatically generated topic name Hierarchy The following hierarchy options are supported o Full PLC hierarchy The hierarchy of PLC symbols is translated into a corresponding MQTT hierarchy below the Root Topic o Flattened PLC hierarchy The PLC symbols are flattened into just one MQTT hierarchical level below the Root Topic o Suppressed PLC symbols The PLC symbol names are not...

Page 21: ...define the maximum number of PLC values here It is possible to group up to 10 PLC values into one MQTT message Minimum publishing interval s The same topic is not published with a faster interval than this setting in seconds This setting protect MQTT Broker and MQTT Subscribers from a flooding by too many publish messages for an individual topic If the polling interval see Siemens Settings or Modb...

Page 22: ...ble for publishing Activation and deactivation of items Activate or deactivate an individual item for publishing by selecting or deselecting the corresponding checkbox of the item By selecting or deselecting the checkbox of a parent node in the hierarchical tree view all child nodes are activated or deactivated together with the parent node Saving and applying settings 1 Click the Save button to s...

Page 23: ... and to display certificate properties in a table Upload new certificate To ease certificate management the MQTT Publisher in the dataFEED Gateway stores each new client certificate in the New Certificates folder using the PEM format Additional PEM format certificates can be uploaded in the dataFEED Gateway using the Browse button PEM format certificate files may contain more than one certificate ...

Page 24: ...file above see issue 1 the PEM format file containing the private key of the client has to be defined The client certificate file including the private key can be selected using the Browse button 3 Definition of the password to load the private key of the client if it is included in the files described above in an encrypted way 4 Activation of MQTT Client certificate usage Saving and applying sett...

Page 25: ...ues without Retain flag are only transferred from the MQTT Broker to those MQTT Subscribers that are registered at the broker and have subscribed to the appropriate topic in the moment when sending the data to the broker Enable Last Will Option This check box allows to specify whether the Last Will and Testament MQTT connection options are used or not If they are used additional configuration fiel...

Page 26: ...evice identifier for edgeGate at the IoT Hub into this input field The device identifier is created based on the hostname and the current time if this input field is empty Note This device id should be different from the device id of the MQTT connection to the Azure cloud see embedded linux softing uagate c md Note The device ID Azure Device Id should be different from the device ID used for the M...

Page 27: ...lication name Device Id Enter the application name into this input field The entry is used by Azure IoT Edge OPC Publisher as device ID within Microsoft Azure IoT Hub and within its own certificate for OPC UA authentication OPC Publisher options Enter the further optional command line parameters for Azure Iot Edge OPC Publisher into this input field starting with the connection string The complete...

Page 28: ...rface for IPv4 communication Subnet Mask Network mask of the IPv4 address in decimal dotted notation e g 255 255 255 0 IPv6 Read only IPv6 address es of the machine network Ethernet interface as assigned by IPv6 autoconf The IPv6 information is only shown if the used network is configured to use IPv6 Up to 16 IPv6 addresses can be assigned to the Ethernet interface of the machine network Note If y...

Page 29: ...1200 1500 PLC by selecting the appropriate controller type in the PLC Type dropdown list A connection name only can be chosen when adding a PLC connection Note If the maximum number of the supported PLC connections of the dataFEED Gateway already has been reached there is no chance to add further connections to the dataFEED Gateway By clicking the Save button the connection configuration is stored...

Page 30: ...er limit of the OPC UA sampling interval This value has to be be greater or equal to 50 ms In special cases it might be necessary to configure the TSAP settings to allow a connection to your S7 Deactivate the Default TSAP Settings checkbox for doing so TSAP Own The TSAP to be used as own address By default this value is configured by your choice of the PLC type in the machine network part of the w...

Page 31: ...un dataFEED Exporter from the standard location Start All Programs Softing dataFEED Exporter dataFEED Exporter or from your specific installation location 4 Follow the dataFEED Exporter instructions to load and convert your STEP 7 or TIA Portal symbol files 5 Save the converted SDFI file at your PC 6 Go back to the dataFEED Gateway and click the Browse button in the Select File section Select your...

Page 32: ...Space of a Siemens PLC with Optimized Blocks Note This description only applies to the uaGate SI product Without filtering the complete available address space of a S7 1200 S7 1500 PLC with optimized blocks is available for the OPC UA and MQTT data exchange using uaGate SI However it is possible to filter the address space thus to restrict the visible variables For doing so select the previously e...

Page 33: ...es the lower limit of the OPC UA sampling interval This value has to be be greater or equal to 50 ms Start Address Start address setting for address association Some Modbus controllers start address association for connected devices at 0 other start at 1 o Start Address 0 Radio button for setting the start address to begin at 0 for the Modbus controller o Start Address 1 Radio button for setting t...

Page 34: ...II text file The file is built up by lines each defining a symbol name and the corresponding Modbus item The line starts with the symbolic name followed by the equal sign and the Modbus item definition Hierarchy levels can be defined using the dot Example of a Modbus symbol file M0_0 RX12288 0 M0_1 RX12288 1 M0_2 RX12288 2 M1_0 RX12289 0 M2_0 RX12290 0 Number_of_Jobs RI12288 The Symbol Import view...

Page 35: ...nt of Modbus item Group Operand ranges can be combined to groups If UnitID individual with item syntax has been selected in the range 0 65535 the range is reduced to 0 255 Gaps in the periphery can be skipped by building different groups The gap is then not called upon Simply place the group name in front of the item name and separate both by a dot GroupName ItemName The group name is made up by G...

Page 36: ...sed per physical address WORD oriented means that one word 16 bits is addressed per physical address Input of the start address is octal which means that the number 8 and 9 are invalid characters The address is managed internally by decimal point and must be considered for logger and status Discrete inputs and outputs are assigned 1 bit in the PLC During reading and writing they are processed as a...

Page 37: ... 2 4D00050 2 ERD120 2 IRD120 2 3D12034 2 BCD BA DOUBLE WORD VT_UI4 unsigned DW RDW50 HRDW50 4DW50 ERDW120 IRDW120 3DW12034 RDW50 3 HRDW50 3 4DW50 3 ERDW120 3 IRDW120 3 3DW12034 3 BCD BA REAL VT_R4 R RR5 ERR5 RR5 3 ERR5 2 DOUBLE VT_R8 RD RRD5 ERRD5 RRD5 10 STRING VT_BSTR S RS5 4 ERS5 4 if only standard types has been selected as data types server settings if also unsigned has been selected as data ...

Page 38: ...SCII coding Example RS100 8 allows an interpretation of Modbus registers 100 to 108 as a string of 8 character of 8 bits each Suffix By using a suffix a value can be presented in another format Suffix Syntax Use Area Data type Comments BitArray BA Byte Word Int DWord Dint No of bits Size in bytes times 8 Size in words times 16 Size in Int times 16 Size in DWord times 32 Size in Dint times 32 BOOLE...

Page 39: ... be applied Depending on the number of modified settings this process may take some time before being completed 3 A message in the upper window part will inform you about the successful modification s 5 2 4 1 Symbol Import NCU Note This description only applies to the uaGate 840D product A default symbol file is already included in uaGate 840D It is activated once a connection has been configured ...

Page 40: ...aFEED Gateway other devices in your network can access the dataFEED Gateway as NTP server Saving and applying settings 1 Click the Save button to save your settings A hint will appear reminding you that the application of some other settings is pending 2 Click at this link Your settings will be applied Depending on the number of modified settings this process may take some time before being comple...

Page 41: ... in the Load configuration from file section to select a previously stored configuration file on your computer and to load it intothe dataFEED Gateway Click the Backup button in the Save configuration in file section to save the current configuration into a backup file on your computer Backup Restore SD card Click the Restore button in the Restore Configuration from SD card section to load the con...

Page 42: ...dited password changes Note The new password is active immediately after clicking the Save button Once the browser loads a page that accesses dynamical data a new login is required User roles and related tasks Task Administrator administrator IT Responsible itadmin Service Engineer mfadmin Modify configuration and update firmware change password of other roles than Administrator Modify IT Settings...

Page 43: ...t button has been clicked a new network capture file is recorded every 15 minutes Recording stops after about 25 hours or upon device restart The capture files are stored on the micro SD card Thus this feature only is available if a writeable micro SD card has been inserted in the dataFEED Gateway Click the Browse button in the Capture files section to access the previously recorded network captur...

Page 44: ...he web server is available Flashing green while the OPC UA namespace is built up evaluating symbols etc SYS Permanently green while the firmware image is unzipped Flashing green while the consistency of the image is checked and the kernel is exchanged Flashing red while the firmware is replaced with the firmware image content During this time the device is not fully operational ERR Permanently red...

Page 45: ...ion 40 C 35 C 0 mm minimum distance 40 C 40 C 22 5 mm minimum distance Storage temperature 40 C 85 C Relative humidity 10 95 non condensing Altitude Must not exceed 2 000 m Location Indoor use only no direct sunlight Dimensions H x W x D 100 mm x 22 5 mm x 105 mm Mounting 35 mm DIN Rail Ingress protection IP20 Weight about 0 2 kg IT network cloud connection OPC UA Server 20 000 items in total MQTT...

Page 46: ...m Softing Industrial Automation GmbH ROHS This device is ROHS compliant FCC This device has been tested and found to comply with the limits for a Class A digital device under part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment This equipment generates uses and can radiate radio f...

Page 47: ...g Industrial Automation GmbH Richard Reitzner Allee 6 85540 Haar Germany https data intelligence softing com 49 89 4 56 56 113 49 89 4 56 56 606 info idi softing com dataFEEDGateways_C_EN_171_190601 June 2019 ...

Reviews:

No comments

Related manuals for dataFEED uaGate 840D

FXO - RECORD NEW GREETING

Brand: WELLTECH Pages: 2

NFS/DFS Secure Gateway

Brand: IBM Pages: 67

Brand: Anybus Pages: 2

SNR-VG-60 0 Series

Brand: SNR Pages: 25

Brand: Alphatech Pages: 16

NetVanta 6330 Series

Brand: ADTRAN Pages: 4

Brand: Gree Pages: 44

D-PCG1000 PowerKEY CAS

Brand: Cisco Pages: 4

Brand: Technicolor - Thomson Pages: 21

Brand: Argent Data Systems Pages: 34

Brand: VADcore Pages: 51

Brand: Planet Pages: 8

Brand: Planet Pages: 16

Brand: Planet Pages: 16

Brand: Planet Pages: 131

Fieldgate FXA720

Brand: Endress+Hauser Pages: 66

Brand: Inovonics Pages: 3

Brand: evertz Pages: 70

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands