I am building an IIoT demo bundle using Factory IO, an OPC UA Server and additional edge computing SW to retrieve relevant OPC UA tags.
I found that the easiest, most controllable way to set up an OPC UA Server is by using the nodes in the node-red-contrib-opcua module in Node-Red.
I have deployed the ACI running Node-Red using the Azure CLI script below, intended to dedicate the 53530 port for opc.tcp traffic:
az container create -g MyResourceGroup --name opcuaserver --image nodered/node-red --ip-address public --ports 80 1880 53530
In the Node-Red flow I use the modules OPC UA Server and OPC UA Client.
I need to be able to connect to the OPC UA Server on the endpoint opc.tcp://20.72.191.16:53530/UA/Server from external OPC UA Clients.
When I try to access the OPC UA Server using OPC UA Client nodes using either 127.0.0.1 or the public ACI IP address of 20.72.191.16 as part of the endpoint, I am not able to connect. I am still doing this with nodes within the ACI so far.
The peculiar error message reads: "Invalid endpoint : Configuration error : the certificate and private key do not match."
I find that strange since the OPC UA Server node is set to "Auto Accept Unknown Certificates" in the node settings. Where else can that kind of setting be changed?
I would be very grateful for any hints on how to access an OPC UA Server running in Node-Red in an ACI from an external party.