Could not use certificate authorization

Questions regarding the use of the ANSI C SDK for Server or Client development or integration into customer products ...

Moderator: uasdkc

Post Reply
KarenSimonyan
Jr. Member
Jr. Member
Posts: 2
Joined: 26 Mar 2020, 16:47

Could not use certificate authorization

Post by KarenSimonyan »

Dear Support,

After building examples I have enabled certificate authorization from setting.config.
Then I run ./uaserverc and ./uaclientc and got this error:

Code: Select all

UA_SCBADIDENTITYTOKENREJECTED 0x80210000 /**< The user identity token is valid but the server has rejected it. */
Here is full log

Code: Select all

UA Server: Initializing Stack...


This is an evaluation version of the

   Unified Automation GmbH - Ansi C OPC UA SDK
   ---------------------------------------------------------

The SDK stops communication after the expiration time of 60 minutes.

Do you agree to the Unified Automation Software Licence Agreement?
(this SLA can be found in the SDK package)
(type 'y' for yes, 'n' for no or 'r' to read the SLA)

y
Initializing keyboard.

-------------------------------------------------------
- Press x to close client                             -
-------------------------------------------------------
- Press 0 to start discovery                          -
- Press 1 to connect to server                        -
- Press 2 to connect to server w. AutomaticReconnect  -
- Press 3 to disconnect from server                   -
- Press 4 to browse server                            -
- Press 5 to read values                              -
- Press 6 to create a subscription                    -
- Press 7 to modify a subscription                    -
- Press 8 to delete a subscription                    -
- Press 9 to create monitored items                   -
- Press a to delete monitored items                   -
- Press b to call a method                            -
-------------------------------------------------------

Demo_FindServers_CB result (0x00000000):
[0] UaServerC@karen:
    opc.tcp://karen:48020
Demo_GetEndpoints_CB result (0x00000000):
[0]: opc.tcp://karen:48020
[1]: opc.tcp://karen:48020
[2]: opc.tcp://karen:48020
[3]: opc.tcp://karen:48020
[4]: opc.tcp://karen:48020
[5]: opc.tcp://karen:48020
[6]: opc.tcp://karen:48020
Select one of the following endpoints by pressing the according key:
[0]:
    EndpointUrl: opc.tcp://karen:48020
    SecurityMode: None
    SecurityMode: http://opcfoundation.org/UA/SecurityPolicy#None
[1]:
    EndpointUrl: opc.tcp://karen:48020
    SecurityMode: Sign
    SecurityMode: http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256
[2]:
    EndpointUrl: opc.tcp://karen:48020
    SecurityMode: SignAndEncrypt
    SecurityMode: http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256
[3]:
    EndpointUrl: opc.tcp://karen:48020
    SecurityMode: Sign
    SecurityMode: http://opcfoundation.org/UA/SecurityPolicy#Aes128_Sha256_RsaOaep
[4]:
    EndpointUrl: opc.tcp://karen:48020
    SecurityMode: SignAndEncrypt
    SecurityMode: http://opcfoundation.org/UA/SecurityPolicy#Aes128_Sha256_RsaOaep
[5]:
    EndpointUrl: opc.tcp://karen:48020
    SecurityMode: Sign
    SecurityMode: http://opcfoundation.org/UA/SecurityPolicy#Aes256_Sha256_RsaPss
[6]:
    EndpointUrl: opc.tcp://karen:48020
    SecurityMode: SignAndEncrypt
    SecurityMode: http://opcfoundation.org/UA/SecurityPolicy#Aes256_Sha256_RsaPss
Using endpoint #2

-------------------------------------------------------
- Press x to close client                             -
-------------------------------------------------------
- Press 0 to start discovery                          -
- Press 1 to connect to server                        -
- Press 2 to connect to server w. AutomaticReconnect  -
- Press 3 to disconnect from server                   -
- Press 4 to browse server                            -
- Press 5 to read values                              -
- Press 6 to create a subscription                    -
- Press 7 to modify a subscription                    -
- Press 8 to delete a subscription                    -
- Press 9 to create monitored items                   -
- Press a to delete monitored items                   -
- Press b to call a method                            -
-------------------------------------------------------


-------------------------------------------------------
- Press x to close client                             -
-------------------------------------------------------
- Press 0 to start discovery                          -
- Press 1 to connect to server                        -
- Press 2 to connect to server w. AutomaticReconnect  -
- Press 3 to disconnect from server                   -
- Press 4 to browse server                            -
- Press 5 to read values                              -
- Press 6 to create a subscription                    -
- Press 7 to modify a subscription                    -
- Press 8 to delete a subscription                    -
- Press 9 to create monitored items                   -
- Press a to delete monitored items                   -
- Press b to call a method                            -
-------------------------------------------------------


--> Demo_ConnectionStatusChanged_CB: Connecting

Demo_ConnectError_CB:
    ServiceType: ActivateSession
    Error: 0x80210000
    Overridable: false
13:42:31.077|E|3445740* UaClient_Session_ConnectionRequestComplete_CB: ActivateSession failed (0x80210000)

-------------------------------------------------------
- Press x to close client                             -
-------------------------------------------------------
- Press 0 to start discovery                          -
- Press 1 to connect to server                        -
- Press 2 to connect to server w. AutomaticReconnect  -
- Press 3 to disconnect from server                   -
- Press 4 to browse server                            -
- Press 5 to read values                              -
- Press 6 to create a subscription                    -
- Press 7 to modify a subscription                    -
- Press 8 to delete a subscription                    -
- Press 9 to create monitored items                   -
- Press a to delete monitored items                   -
- Press b to call a method                            -
-------------------------------------------------------


--> Demo_ConnectionStatusChanged_CB: Disconnected



User avatar
Support Team
Hero Member
Hero Member
Posts: 3056
Joined: 18 Mar 2011, 15:09

Re: Could not use certificate authorization

Post by Support Team »

Hello ,

we can not reproduce the error you are reporting. When installing the new version of the SDK the certificates for the applicaitons are not deleted, hence could remain over several versions. Maybe you are using some very old certificates. Such old certificates may not be sufficient for the operations anymore. Make sure to delete the certificate store manually, and let the client and the server application recreate their certificates (do not manipulate the config files). Do the trust of both sides and try again.

With freshly created certificates the excamples work like a charm.
Best regards
Unified Automation Support Team

Post Reply