Professional OPC
Development Tools

logos

Online Forums

Technical support is provided through Support Forums below. Anybody can view them; you need to Register/Login to our site (see links in upper right corner) in order to Post questions. You do not have to be a licensed user of our product.

Please read Rules for forum posts before reporting your issue or asking a question. OPC Labs team is actively monitoring the forums, and replies as soon as possible. Various technical information can also be found in our Knowledge Base. For your convenience, we have also assembled a Frequently Asked Questions page.

Do not use the Contact page for technical issues.

Unable to connect to Bihler machine using X509 certificate: strange error.

More
31 Aug 2019 06:33 #7688 by support
Thanks for letting me know. I do not quite understand why this is happening, but I guess that as long s it works, we can close the issue for now.

Best regards

Please Log in or Create an account to join the conversation.

More
29 Aug 2019 14:48 #7685 by scaglio
Hello, I found that If I put empty password in
UserIdentity id = UserIdentity.CreateX509CertificateIdentity(certPath, "");
the connection to Bihler CNC works.
If instead of empty password I use the identitity certificate password. It does not work.

Best regards.

Please Log in or Create an account to join the conversation.

More
29 Aug 2019 12:02 #7683 by support
Thank you, I understand better now.

You are specifying a password with the certificate from Bihler, so I assume that certificate is password protected. Was the self-signed certificate you created yourself (and tested with Prosys server) also password protected?

Thank you

Please Log in or Create an account to join the conversation.

More
29 Aug 2019 11:57 #7682 by scaglio
Hello,
>I do not understand this part:
>"I debugged my code connecting with a self created certificate to a prosys simulator and it works with no problems."
I mean that I tried my code with a self certified pfx for user autentication and it works connecting to a prosys opc ua simultor server with no problems. So probably the code works. Just that.

>How does this relate to the problem with Bihler machine? Were you *also* using the same self-created certificate for *user* authentication with Prosys simulator?
The pfx supplied to bihler was generated by bihler technician and is trusted. I have tried to supply a self generated certificate to bihle rcnc but was not accepted.

>Everything was the same, just the server was different? Or, aren't you confusing the OPC UA application instance certificates with certificates for OPC UA user >authentication?
I have already explained above.

Thank you!.

Best regards

Please Log in or Create an account to join the conversation.

More
29 Aug 2019 10:57 #7679 by support
I do not understand this part:
"I debugged my code connecting with a self created certificate to a prosys simulator and it works with no problems."

How does this relate to the problem with Bihler machine? Were you *also* using the same self-created certificate for *user* authentication with Prosys simulator? Everything was the same, just the server was different? Or, aren't you confusing the OPC UA application instance certificates with certificates for OPC UA user authentication?

Best regards

Please Log in or Create an account to join the conversation.

More
29 Aug 2019 09:47 #7674 by scaglio
Hello, the code used to specify the pfx is:

if (this._Settings.OPCUASettings.UserCertEnabled)
{
string certPath = Path.Combine(ProductData.GetMainPath(this._Settings.DriversPath), "Certificate.pfx");
if (!File.Exists(certPath))
LoggerManager.MainLog.Error(string.Format("OPC Server '{0}', user certificate file not found.", this._Settings.Address));
else
{
UserIdentity id = UserIdentity.CreateX509CertificateIdentity(certPath, "TS");
this._EndpointDescriptor.UserIdentity.X509CertificateTokenInfo = id.X509CertificateTokenInfo;
}

}


I debugged my code connecting with a self created certificate to a prosys simulator and it works with no problems.
From the log I have attached from my previous message you can see that I have a monitored item and when data change notificatin I received the errors:

UAClientMonitoredItem "NodeId="ns=2;s=29242.VC1.State"" failed at tick 25857125 and will retry in 60000 ms
Raising data change notification for "opc.tcp://192.168.4.200:4840", "NodeId="ns=2;s=29242.VC1.State"": [] *** Failure -1 (0xFFFFFFFF): Password di rete specificata non corretta.

and then

UAClientMonitoredItem "NodeId="ns=2;s=29242.VC1.State"" failed at tick 25862093 and will retry in 60000 ms
Raising data change notification for "opc.tcp://192.168.4.200:4840", "NodeId="ns=2;s=29242.VC1.State"": [] *** Failure -1 (0xFFFFFFFF): OPC-UA client session is not available when connecting the client subscription.
UAClientSubscription will reconnect now

But, have you seen the log?.

Thank you.

Please Log in or Create an account to join the conversation.

More
29 Aug 2019 09:28 #7672 by support
Please clarify what you mean by "connect ... using X509 pfx certificate". If there is a code used to specify the certificate, please post it here, together with the piece of code that causes the error to show.

Best regards

Please Log in or Create an account to join the conversation.

More
29 Aug 2019 08:26 #7669 by scaglio
Hello, I am unable to connect to a Bihler CNC machine using X509 pfx certificate. As you can see in log file attached, the error is:

The OPC-UA client session with connect sequence number 1 failed to connect to endpoint URL "opc.tcp://192.168.4.200:4840". Password di rete specificata non corretta. + The SDK action called was "static Session.Create".

("Password di rete specificata non corretta" = Incorrect specified network password).

I await your kind reply.
Thank you.

Massimo Scaglioni
Attachments:

Please Log in or Create an account to join the conversation.

Moderators: support
Time to create page: 0.065 seconds