Professional OPC
Development Tools


"BadCertificateUntrusted" exception when programmatically reading value with identifier

18 Dec 2018 16:33 #6932 by support


look for
- TrustedEndpointUrlString
or even "stronger"
- AcceptAnyCertificate

Best regards

Please Log in or Create an account to join the conversation.

18 Dec 2018 10:51 #6928 by Restrepo
I think I would like to pursued the secure-wise option but would you mind showing me the unsecure option in case we have a customer that would like to by pass the certificate exchange? Thanks

Please Log in or Create an account to join the conversation.

18 Dec 2018 06:42 #6927 by support

The difference between the versions can be due to tightened security defaults in newer versions, but I cannot provide precise explanation without testing it out. Anyway, the new behavior seems to be the right one. Also, remember to configure the certificate to be accepted on the TOP Server side, as your app may now have a new certificate, with new version.

The answer to your question then depends on whether you want to do it right (security-wise), or just for making things work somehow (but unsecure). In the first case, you will need to store the TOP Server's certificate to Trusted Certificate store on the client side. In the seconds case, there are some settings in QuickOPC to bypass the certificate checking partially or fully.

Let me know which way you want to go and I will give you further steps. For both cases, there are article in the documentation that can help.

Best regards

Please Log in or Create an account to join the conversation.

17 Dec 2018 22:16 - 18 Dec 2018 06:34 #6926 by Restrepo
Hello Z,

I been testing a sample application where I can read a Value from a OPC UA server(In this case is TOP Server) with an specific user name credentials, but it seems that when I try to read the UA node value with the code below I get a "BadCertificateUntrusted" exception. I got this to work with Quick OPC 2018.1 version without any issues; however, I keep getting the error on the newest version of Quick OPC. I did notice that when I try to connect to the same endpoint using connectivity explorer with the identity property configured with the user name and password, I get a prompt to trust a certificate. I believe this is the same issue; however, how would i go of handling this on my code? please see attached screen shot for the prompt. Thanks in advance.

        string userName = "User1";
        string passWord = "Pass1";
        string UAUrl = "opc.tcp://";
        string NodeDescriptor = "nsu=TOP Server;ns=2;s=Channel1.Device1.Tag1";
        private void button1_Click(object sender, EventArgs e)
            var UAEndPoint = new UAEndpointDescriptor
                UrlString = UAUrl
            UAEndPoint.UserIdentity.UserNameTokenInfo.UserName = userName;
            UAEndPoint.UserIdentity.UserNameTokenInfo.Password = passWord;
            var ReadValue = easyUAClient1.ReadValue(UAEndPoint, NodeDescriptor).ToString();
            label1.Text = String.Format("Tag1 Value : [ {0} ]", ReadValue);
Last edit: 18 Dec 2018 06:34 by support.

Please Log in or Create an account to join the conversation.

Moderators: support
Time to create page: 0.185 seconds


 Recommend this on Google