Please ensure Javascript is enabled for purposes of website accessibility
Powered by Zoomin Software. For more details please contactZoomin

PI OPC UA Server

TABLE OF CONTENTS

Trust a client certificate

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
  • Last UpdatedMar 30, 2026
  • 1 minute read

To trust an OPC UA client SSL certificate on the PI OPC UA Server, perform the following steps:

  1. In Windows Explorer, navigate to the folder C:\ProgramData\AVEVA\PCS\OPC UA Rejected Client Certificates\certs. This is the location where the certificate from the client is initially placed by default when attempting to connect to the OPC UA Server.

    Note: The Program Data folder is hidden by default. Enable the hidden items option in Windows Explorer in order to view it.

  2. Locate the certificate for the client that has been initially rejected. If never rejected, locate and select the certificate.

  3. Right-click the certificate and select Install Certificate.

  4. In the Certificate Import Wizard, select Local Machine for the Store Location and then Next.

  5. In the Certificate Store view, select the radio button Place all certificates in the following store.

  6. Browse to the certificate store Trusted People and select OK. This is the only choice that will work with the OPC UA certificate.

    1. If the certificate is chained, the root of the issuer chain must be in the Local Machine \ Trusted Root Certification Authorities store.

  7. Select Next.

  8. Select Finish to complete the certificate installation. The OPC UA Client is successfully configured to connect to the PI OPC UA Server.

  9. Finally, delete the certificate from the OPC UA Rejected Client Certificates folder, since the certificate is now installed.

Related Links
TitleResults for “How to create a CRG?”Also Available in