What I have already seen in Bosch plants and at suppliers:
Some plants and business areas are providing a MES test server. Either a real computer at the supplier or via router in the cloud. Bosch AE is very exemplary and provides all suppliers access to a test server.
If no test server is available:
If you have MES via Public Interface (OPC UA) it is quite easy: The DataSetManager can switch between local data or MES data. Alternatively/Additionally you can use the PublicInterfaceTester to simulate MES.
For MES via OpconXml: Testing could be done with the CommTester. But this tool is not available publicly. And the usage of the tool is not very convenient.
Last option that is probably the default option with OpconXml nowadays: Put the MES type data temporarily into a local DAT file and use local data management (DataSetManager+DataSetAccess or DatAccess). When MES is available switch back from local data to MES data. This solutions causes the most additional effort and I guess this is the reason for your question 😀
Target is that DataSetManager supports OpconXml as well, but priorization is not yet high enough to implement it (and some technical basics would have to be improved in the platform). Feel free to contribute to a higher priorization.
... View more
Actually the error message from the original post has a different reason:
The target system image had probably just been applied from the service stick. The RAT service on the PLC creates its own certificate when it is started the first time. This certificate has a period of validity which starts at the time where it is created.
The realtime clock of some PLCs (e.g. C6017) tends to run a little fast. I.e., at the time it is created, the certificate is not yet valid when evaluated on a computer where the system time is not ahead.
And that's the error message you got: The development computer (client) does not accept the certificate from the PLC (server) because it is not yet valid. So actually, this problem was solved by waiting for some minutes, not by the steps in the accepted answer.
Nevertheless, the hint in the accepted answer is correct: When deploying to the target system for the first time, you need to trust the client certificate on the server side. Otherwise you also get an error message, though it would be this one:
RAT client: Secure connect failed. Make sure the client certificate is in the servers "trust" list.
maj9bj describes correctly how the certificate can be trusted manually on the file level. Alternatively, you can use the SecurityManager app on the target system which is accessible through the tray icon looking like a shield.
... View more
I have discussed the matter with my colleagues. We will move the Trumpf laser objects and the required base object version V1.1 back to the normal repository. This means the normal repository will contain two versions of the base object, which was originally not intended. But I think this is the better solution.
... View more