Ignition OPC UA Server and Connection To OSI-PI OPC-UA Connector

Dear Ignition Support
I am fairly new to setting up OPC-UA connections and making the ignition OPC-UA Server visible to external OPC-UA clients but I am trying to setup a OPC-UA Connection from OSI-PI using their OPC-UA Connector to Ignition’s OPC-UA Server and doing some preliminary testing currently with this, but it seems something weird is being observed with certificates
Upon setting up the OSI-PI OPC-UA Connector to the correct endpoint opc.tcp:// `{IP Address or Hostname of Server}:62541, the Ignition server certificate is correctly passed to the OSI-PI UA Connector and therefore can then be manually trusted. The OPC-UA connection is setup and data is flowing between the Ignition OPC UA Server and OSI-PI via OPC-UA now but the OSI-PI certificate is not showing up in the quarantined certificates or trusted certificates in the OPC-UA Security setting of the Ignition Gateway. I have not manually downloaded the OSI-PI certificate or manually trusted it either. The security policy setup on the ignition server is set to either None, Basic256Sha256

Is this normal behaviour as I thought with OPC-UA connections both certificates are needed to be trusted at both ends before any data flow could occur regardless of security policy setup on the ignition gateway, is this correct?

Kind Regards
David Waterfield

My guess would be that OSI PI has connected without security.

The only time you might need to trust the certificate even if the “None” SecurityPolicy is being used is when the client is connecting with a username and password. (edit: actually not sure if that’s true, might only apply to the other direction)

Hi Kevin, thanks issue has been resolved now