Fault at connection to OPC Server on PLC Simotion

Questions regarding the use of the UaExpert.

Moderator: uaexpert

Post Reply
imartinez
Jr. Member
Jr. Member
Posts: 2
Joined: 01 Dec 2020, 10:55

Fault at connection to OPC Server on PLC Simotion

Post by imartinez »

Hello,

I'm quite new on OPC UA communication.

I'm using UAExpert to connect to the OPC server of a PLC Simotion D425. When launch connection I obtain a popup to trust the certificate sent by the PLC Simotion D425. I can trust it but I get 3 errors at each time I try to connect.

Unable to get local issuer certificate [BadCertificateChainIncomplete]
Unable to get certificate CRL [BadCertificateRevocationUnkwown]
Unable to verify the first certificate [BadCertificateChainIncomplete]

When contacting Siemens they tell me that this is because the server cannot manage client certificates and that I need to create my own and load it into the PLC.

Does this seems right?

From what I understand I would say there is a problem with the certificate in the PLC.

User avatar
Support Team
Hero Member
Hero Member
Posts: 3064
Joined: 18 Mar 2011, 15:09

Re: Fault at connection to OPC Server on PLC Simotion

Post by Support Team »

Hello,

in OPC UA we can have two types of certificates, the self-signed and the CA-signed. Where as the first is created and signed by the application itself (must exchange with communication partner and trust on both sides). And the second is created by the application bus signed by an (external) Certificate Authority. The CA can be chained, where on CA signs the other and that one signes the next until finally the application instance cert is signed. Advantage is that you just need to trust the CA and automatically trust all that were signed by this CA.

Not all implementations of OPC UA products support the CA signed and chained certification usage. In that case you must use the self-signed and trust on both sides (copy the communication partner's Public Key cross wise into the trust store).
Best regards
Unified Automation Support Team

Post Reply