diff --git a/src/protocols/opcua_server.py b/src/protocols/opcua_server.py
index 8a5d059..f64e7f6 100644
--- a/src/protocols/opcua_server.py
+++ b/src/protocols/opcua_server.py
@@ -172,17 +172,22 @@ class OPCUAServer:
 async def _configure_security(self):
 """Configure OPC UA security with certificates."""
 try:
- # Set security policies
- self.server.set_security_policy([
- SecurityPolicyBasic256Sha256,
- "http://opcfoundation.org/UA/SecurityPolicy#None"
- ])
-
 # Load or generate certificates
 if self.certificate_path and self.private_key_path:
 # Load existing certificates
 await self.server.load_certificate(self.certificate_path)
 await self.server.load_private_key(self.private_key_path)
+
+ # Set security policies for secure connections
+ self.server.set_security_policy([
+ SecurityPolicyBasic256Sha256,
+ "http://opcfoundation.org/UA/SecurityPolicy#None"
+ ])
+
+ # Configure certificate validation
+ validator = CertificateValidator(CertificateValidatorOptions())
+ self.server.set_certificate_validator(validator)
+
 elif HAS_CERT_GEN and setup_self_signed_cert:
 # Generate self-signed certificate for development
 await setup_self_signed_cert(
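Review bot: The policy list set in the loaded-certificate branch still contains `http://opcfoundation.org/UA/SecurityPolicy#None` next to `SecurityPolicyBasic256Sha256`, so the server keeps offering an unsecured endpoint, and the validator configured right after it is presumably not consulted for sessions opened on that endpoint. When a certificate and key are present the call should be `self.server.set_security_policy([SecurityPolicyBasic256Sha256])`, with None added only behind an explicit configuration switch; the self-signed branch in the second hunk carries the same list. It is also worth confirming that `set_security_policy` accepts a policy class and a URI string in one list, since no visible line shows what element type it expects. `_configure_security` continues past the end of this hunk.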
@@ -194,18 +199,25 @@ class OPCUAServer:
 "Lazio",
 "calejo-control.com"
 )
+
+ # Set security policies for secure connections
+ self.server.set_security_policy([
+ SecurityPolicyBasic256Sha256,
+ "http://opcfoundation.org/UA/SecurityPolicy#None"
+ ])
+
+ # Configure certificate validation
+ validator = CertificateValidator(CertificateValidatorOptions())
+ self.server.set_certificate_validator(validator)
+
 else:
- # Certificate generation not available, use basic security
+ # Certificate generation not available, use only None security policy
 logger.warning("certificate_generation_not_available")
 self.server.set_security_policy([
 "http://opcfoundation.org/UA/SecurityPolicy#None"
 ])
 return
- # Configure certificate validation
- validator = CertificateValidator(CertificateValidatorOptions())
- self.server.set_certificate_validator(validator)
-
 logger.info("opcua_security_configured")
 except Exception as e:
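Review bot: The validator in the self-signed branch is built as `CertificateValidator(CertificateValidatorOptions())`, with no options chosen and no trust store passed on any visible line, so it is unclear which client certificates it would reject; the intended checks should be stated next to it, for example `# validator enforces <checks>; trusted client certs are loaded from <path>`. The same eight lines now appear in both certificate branches (here and in the first hunk), and moving them into one private helper called from both would keep the policy and validator settings from drifting apart. The `else` branch still brings the server up with only the None policy after a warning, which deserves a comment marking it as a development-only fallback or a configuration flag that makes it fail closed. The `try` block and its `except` handler extend beyond the hunk.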