Manage OPC UA Policies

you can enable and disable policies by navigating to opc > management and referring to the policies section important selections in the authentication management section must match the selections in the policies section or the server will not start security policy encryption types none no encryption type basic256sha256 256 bit encryption it supports sha256 or stronger hash algorithms for certificates basic256 256 bit encryption it supports the sha1 and sha256 hash algorithms for certificates basic128rsa15 128 bit encryption that uses rsa15 as a key wrap it supports sha1 or stronger hash algorithms for certificates aes256 sha256 rsapss (available for litmus edge version 3 11 0 and later) aes128 sha256 rsaoaep (available for litmus edge version 3 11 0 and later) each security policy has two different types of message security modes sign litmus edge signs messages from the server to assure recipients that the sender is authentic and not an imposter signandencrypt litmus edge both signs and encrypts messages from the server to prevent any attackers from reading plain text messages from the server more information encryption makes messages impossible to read except by authorized users 256 / 128 bit 128 bit is bank grade encryption 256 bit encryption is even stronger and is 1038 times harder to crack the drawback to 256 bit is that it takes servers about 40% longer to encrypt hash algorithms these are for generating signatures they assure message recipients that the sender is authentic key wrap an extra layer of encryption for sending messages on insecure networks or for storing messages for extended periods enable and disable policies to enable or disable policies, click the toggle next to the policy restart opc ua server after enabling or disabling a policy, you must restart the opc ua server see manage the opc ua server docid\ auzipeiw63ioizxleq3xe to learn more