Server to connect supports no securtiy, therefore Policy/Mode = None/None.
Username/Passwort used.
Initial connection works fine.
During renew the SecureChannel the UaExpert brings a pop up named " Certificate Validation" and StatusCode "BadInvalidArgument".
V1.6.2 renew SecureChannel for Security None/None fails
Moderator: uaexpert
-
- Sr. Member
- Posts: 14
- Joined: 31 Jul 2013, 12:51
- Support Team
- Hero Member
- Posts: 3068
- Joined: 18 Mar 2011, 15:09
Re: V1.6.2 renew SecureChannel for Security None/None fails
Hi,
thank you for reporting, yes this is a know issue in the new UaExpert 1.6.2.
It is caused by the approach to (more and more) closing all the security gaps, holes and bypass scenarios. One of which is the "none" security and "clear text" PWD transmission, which your server is obviously doing. Another one is the poor security implementations out on the market, we want to make it harder for implementations that go "lazy" on security.
I agree that it is anoying that we do recheck the security measures on "renew", and not only initially on first connect. But we hope that servers like yours become obsolete over time, and will be replaced with "good" ones. If you have a proper certificate and if you properly trust this certificate, you will have no issue at all during the renew.
However, specially for the exceptional case of "none", and for testing and comissioning only, we agree on skipping the security validation in case of channel renew, because you individually have agreed to "no security" before, and you will probably not change your mind within 45 minutes.
thank you for reporting, yes this is a know issue in the new UaExpert 1.6.2.
It is caused by the approach to (more and more) closing all the security gaps, holes and bypass scenarios. One of which is the "none" security and "clear text" PWD transmission, which your server is obviously doing. Another one is the poor security implementations out on the market, we want to make it harder for implementations that go "lazy" on security.
I agree that it is anoying that we do recheck the security measures on "renew", and not only initially on first connect. But we hope that servers like yours become obsolete over time, and will be replaced with "good" ones. If you have a proper certificate and if you properly trust this certificate, you will have no issue at all during the renew.
However, specially for the exceptional case of "none", and for testing and comissioning only, we agree on skipping the security validation in case of channel renew, because you individually have agreed to "no security" before, and you will probably not change your mind within 45 minutes.
Best regards
Unified Automation Support Team
Unified Automation Support Team