Certificate Authentication failing

Questions regarding the use of the UaExpert.

Moderator: uaexpert

Post Reply
Jr. Member
Jr. Member
Posts: 1
Joined: 28 Jun 2024, 03:39

Certificate Authentication failing

Post by DivyaK »

When Doing certificate authentication with security policy as none working as expected but we try to do the authentication with pass phrase openssl certificate and security policy as Basic256 and sign & encrypt its failing .

openssl req -x509 -sha256 -days 365 -newkey rsa:2048 -keyout OPCUAClient.pem -out OPCUAClient.der -subj "/CN=EBIServerA"
By using above command generated the certificates

Can you please let me know what I'm missing or any configuration is the issue

User avatar
Support Team
Hero Member
Hero Member
Posts: 3137
Joined: 18 Mar 2011, 15:09

Re: Certificate Authentication failing

Post by Support Team »


the security algorithm for the UserToken (used to encrypt the pwd) might be different than the security algorithm used for the channel. That said, you must carefully look into the server's endpoint description, exactly giving you the security policies for both (channel and user).

Note: the "Basic256" was already deprecated by OPC Foundation and should not be used anymore! Many servers (and clients as well) have a "secure by default" setting activated, hence will not work with the depecated security policy out of the box. Check with the products in use if they have some "hidden switch" to run in legacy/deprecated mode, allowing the old policy.
Best regards
Unified Automation Support Team

Post Reply