Mitsubishi Electric MELSEC iQ-F FX5 User Manual page 37

The OPC UA security policy considers the strength of certificates.
Therefore, OPC UA clients may not be able to access some endpoints depending on the settings of the stored server
certificate.
An FX5-OPC rejects a client connection if the settings of a server certificate (combination of an asymmetric signature
algorithm and asymmetric key length) and the security policy of selected endpoint do not match the table below.
Asymmetric signature
algorithm
Sha1RSA
Sha256RSA
Sha384RSA
Sha512RSA
By generating a certificate with the following settings, a high security level is provided and the availability of all security
policies is ensured:
• RSA Key Strength: 2048 bits
• Signature Algorithm: SHA-256
For details on the settings, refer to the following:
Page 71 "Generate a New Self-Signed Certificate" screen
Asymmetric key length
1024 bits
None
Basic128Rsa15
Basic256
None
Basic128Rsa15
Basic256
2048 bits
None
Basic128Rsa15
Basic256
None
Basic128Rsa15
Basic256
Basic256Sha256
3072 bits
4096 bits

None
Basic256Sha256
4 FUNCTIONS
4.2 OPC UA Server Function
4
35