Main Content

setSecurityModel

Set security configuration parameters for OPC UA client

Since R2020a

collapse all in page

Syntax

setSecurityModel(uaClient,'Best')
setSecurityModel(uaClient,messageMode,channelPolicy)

Description

setSecurityModel(uaClient,'Best') sets both the MessageSecurityMode and ChannelSecurityPolicy properties of the OPC UA client uaClient to the best possible security configuration available for the server. The client attempts to retrieve available endpoints from the server if those are not yet retrieved.

setSecurityModel(uaClient,messageMode,channelPolicy) sets the MessageSecurityMode and ChannelSecurityPolicy properties of OPC UA client uaClient to the specified messageMode and channelPolicy, respectively. If a matching endpoint cannot be found in the list of known endpoints, an error occurs.

Note

Security Considerations: To enable a secure communication with an OPC UA server, use a strong channel security policy and message security mode.

You can expose your system to security risks when you set the MessageSecurityMode and ChannelSecurityPolicy to "None". Use this setting only in a trusted environment.

If you need to connect to an OPC UA server that does not support a security policy, request the server administrator to enable a strong channel security policy and message security mode for the server. These settings enable encryption and authentication and safeguard your data and operations.

example

Examples

collapse all

Set the OPC UA client security mode for signed but not encrypted messages.

s = opcuaserverinfo('localhost');
uaClient = opcua(s);
setSecurityModel(uaClient,'Sign');
connect(uaClient);

Input Arguments

collapse all

OPC UA client, specified as an opc.ua.Client object. You can create the client using the opcua function.

Example: opcua()

Client message security mode, specified as a character vector or string. Either MessageMode or ChannelPolicy can be empty, but not both. In this case, the highest security model is chosen from the available endpoints to match the given option.

Example: 'Sign'

Data Types: char | string

Client channel security policy, specified as a character vector or string.

ChannelPolicy must be specified as one of the enumerations defined in opc.ua.ChannelSecurityPolicies. For example,

enumeration opc.ua.ChannelSecurityPolicies
Enumeration members for class 'opc.ua.ChannelSecurityPolicies':

    Unknown
    None
    Aes128_Sha256_RsaOaep
    Basic256Sha256
    Aes256_Sha256_RsaPss

Example: 'Basic256Sha256'

Data Types: char | string

Version History

Introduced in R2020a

expand all

See Also

Functions

Topics