The Server is located following the standard procedure as defined in OPC 10000-12, i.e., FindServers, GetEndpoints, OpenSecureChannel, CreateSession and ActivateSession on the Server Address with the specified SecurityMode (see 9.2.2 for the description of the provided Server information).

image066.png

Figure 63 – Client connection process

If Address contains a GDS Address, the GDS is queried to find the Server.

If the Server is the same Server that the ConnectionManager resides on, the EstablishConnections Method may be invoked by vendor-specific means, and all portable node identifiers can be resolved locally.

The Session established by the ConnectionManager shall support the use of authentication and/or encryption. This includes:

  1. Application Authentication based on security mode and policy
  2. The use of Roles (this may require user authentication or specific application certificates)

If SecurityPolicyUri contains “BestAvailable”, the EndpointDescription with the highest SecurityLevel of the ones supported by the Client and matching the requested SecurityMode (see 9.2.2) shall be chosen. Otherwise, the EndpointDescription matching the requested SecurityMode and SecurityPolicyUri (see 9.2.2) shall be chosen. The complete process, including NodeId resolution, is illustrated in Figure 63.