Hello
I am using UaExpert 1.2.2 175
When I try to connect to my Server with UaExpert everything is right, when I open a new UaExpert and try to connect this one, I get a BadNonceInvalid error code from my Server. I am connecting with None and None security policies
With Wireshark I can see in CreateSession that the ClientNonce length is 32 and filled with 0.
So I guess the first UaExpert is allowed but then the 2nd use the same one as the first and my Server does not allow that.
Question : Why UaExpert does not create a random Nonce even with None and None security policies ?
ClientNonce
Moderator: uaexpert
-
cacamille3
- Hero Member
- Posts: 73
- Joined: 15 Feb 2012, 21:43
Re: ClientNonce
I Check with Basic128Rsa15 - Sign / Basic128Rsa15 - Sign&Encrypt / Basic1256 - Sign / Basic256 - Sign&Encrypt
and in those cases the ClientNonce is well a random number.
With Prosys OPC UA Client the ClientNonce is always filled, with KEPServerEx it's like in UaExpert, only with Secure connection.
There is nothing in the 1.02 specification saying that ClientNonce shall be avoid with No security
but also nothing directly saying that Server shall verify ClientNonce with No Security Policy or maybe I didn't find it...
and in those cases the ClientNonce is well a random number.
With Prosys OPC UA Client the ClientNonce is always filled, with KEPServerEx it's like in UaExpert, only with Secure connection.
There is nothing in the 1.02 specification saying that ClientNonce shall be avoid with No security
but also nothing directly saying that Server shall verify ClientNonce with No Security Policy or maybe I didn't find it...
-
cacamille3
- Hero Member
- Posts: 73
- Joined: 15 Feb 2012, 21:43
Re: ClientNonce
I am still confused with that specification lack but I set my Server to not check ClientNonce with unsecure connection