LDS / Configuration Tool / Client-Server Connection
Posted: 21 Jun 2013, 15:03
I am not sure if my question is right for this section.
I have the problem establishing a secure connection with UA Expert to my Server build with the .NET SDK or the UA .NET SDK Demo Server.
I think the problem lies with the application instance certificates. So I have several questions:
1. Were can I get the OPC UA Configuration Tool ?
If I download the OPC UA LDS package from OPC Foundation it only contains the Certifcate Generator.
Does it come with any of your SDKs ? Because I can not find it and the Redistributable package from the OPC Foundation is for members only.
It comes with the SDK from Softing in Version 1.1 but I dont want to install their SDKs just for the Configuration Tool.
2. Does a basic Demo Server build with your SDK create a certificate without the install option ?
I ask because the install paremeter works with the UA .NET Demo Server of yours but I not with my Server and I could not find any application instance
certificate in the usual places after running my server without the install parameter.
For information, it is just a early basic implementation like the lesson 3 server from the .NET SDK Doku.
A problem was that even if several endpoints were defined in the app.config file like:
opc.tcp://localhost:48666/ [SignAndEncrypt:Basic256:Binary]: Status = Good
opc.tcp://localhost:48666/ [SignAndEncrypt:Basic128Rsa15:Binary]: Status = Good
opc.tcp://localhost:48666/ [None:None:Binary]: Status = Good
the console output showed me only the unsecure one. Only after trying to somehow creating a certificate, my server
suddenly showed all three endpoints, so I guess it has something to do with the application instance certificates being able to use secure endpoints.
3. When I experiment with secure connections between UA Expert and the UA .NET Demo Server I still have problems.
Even when I think that I have all the needed application instance certificates in the right trusted lists and UA tells me that the
certificate is valid, it warns me that the URI in the certificate does not match the Application URI of the server.
Even when I say ok the connection can not be established:
15:54:12.181 | Server Node | Server Prototype - B... | Connecting failed with error 'BadConnectionClosed'
15:54:12.133 | Server Node | Server Prototype - B... | User forced to continue the connection to a possible unsecure server.
15:53:28.137 | Server Node | Server Prototype - B... | The server returned a valid certificate.
15:53:26.501 | Server Node | Server Prototype - B... | The certificate is self-signed, and is not found in the list of trusted certificates.
I know the information is vague but maybe you can give me some general information how this works or what could be missing
and information about if it is possible to get the OPC UA configuration tool or if I dont need it.
thank you
best regards
I have the problem establishing a secure connection with UA Expert to my Server build with the .NET SDK or the UA .NET SDK Demo Server.
I think the problem lies with the application instance certificates. So I have several questions:
1. Were can I get the OPC UA Configuration Tool ?
If I download the OPC UA LDS package from OPC Foundation it only contains the Certifcate Generator.
Does it come with any of your SDKs ? Because I can not find it and the Redistributable package from the OPC Foundation is for members only.
It comes with the SDK from Softing in Version 1.1 but I dont want to install their SDKs just for the Configuration Tool.
2. Does a basic Demo Server build with your SDK create a certificate without the install option ?
I ask because the install paremeter works with the UA .NET Demo Server of yours but I not with my Server and I could not find any application instance
certificate in the usual places after running my server without the install parameter.
For information, it is just a early basic implementation like the lesson 3 server from the .NET SDK Doku.
A problem was that even if several endpoints were defined in the app.config file like:
opc.tcp://localhost:48666/ [SignAndEncrypt:Basic256:Binary]: Status = Good
opc.tcp://localhost:48666/ [SignAndEncrypt:Basic128Rsa15:Binary]: Status = Good
opc.tcp://localhost:48666/ [None:None:Binary]: Status = Good
the console output showed me only the unsecure one. Only after trying to somehow creating a certificate, my server
suddenly showed all three endpoints, so I guess it has something to do with the application instance certificates being able to use secure endpoints.
3. When I experiment with secure connections between UA Expert and the UA .NET Demo Server I still have problems.
Even when I think that I have all the needed application instance certificates in the right trusted lists and UA tells me that the
certificate is valid, it warns me that the URI in the certificate does not match the Application URI of the server.
Even when I say ok the connection can not be established:
15:54:12.181 | Server Node | Server Prototype - B... | Connecting failed with error 'BadConnectionClosed'
15:54:12.133 | Server Node | Server Prototype - B... | User forced to continue the connection to a possible unsecure server.
15:53:28.137 | Server Node | Server Prototype - B... | The server returned a valid certificate.
15:53:26.501 | Server Node | Server Prototype - B... | The certificate is self-signed, and is not found in the list of trusted certificates.
I know the information is vague but maybe you can give me some general information how this works or what could be missing
and information about if it is possible to get the OPC UA configuration tool or if I dont need it.
thank you
best regards