Hello,
I want to connect the integrated OPC UA Server of a Simotion with the UaExpert Client. Everything works, but I have Problems with the certificates.
Everything what I tried, I got the same error report:
"unable to get local issuer certificate [BadCertificateChainIncomplete]
invalid CA certificate [BadCertificateInvalid]
unable to get certificate CRL [BadCertificateRevocationUnknown]
unable to verify the first certificate [BadCertificateChainIncomplete]"
In another thread (https://forum.unified-automation.com/po ... ertificate chain#p3978) with a similar Problem is written that the revocation list (CRL) of the CA is missing. But in the certstore of the Server is only a Folder "CA" with one certificate (ITDiagRootCA.crt) and a Folder "servercerts" with one certificate (OPCUA.crt).
Could anybody help me what I have to do?
Best Regards!
Connection UaExpert - Simotion
Moderator: uaexpert
- Support Team
- Hero Member
- Posts: 3069
- Joined: 18 Mar 2011, 15:09
Re: Connection UaExpert - Simotion
Hello skoebler,
for servers with CA-signed certificates, you need to have the CA certificate inside your client's 'trusted/certs' or 'issuers/certs' folder. Additionally, you need to have the CA's CRL in the respective 'crl' folder, or you skip the CRL check by setting 'General.DisableError.CertificateIssuerRevocationUnknown' and 'General.DisableError.CertificateRevocationUnknown' in UaExpert's settings to true.
If you still experience problems after that, please contact the server vendor for information on how to connect to the server with security, as there might be an issue with the server's certificate.
for servers with CA-signed certificates, you need to have the CA certificate inside your client's 'trusted/certs' or 'issuers/certs' folder. Additionally, you need to have the CA's CRL in the respective 'crl' folder, or you skip the CRL check by setting 'General.DisableError.CertificateIssuerRevocationUnknown' and 'General.DisableError.CertificateRevocationUnknown' in UaExpert's settings to true.
If you still experience problems after that, please contact the server vendor for information on how to connect to the server with security, as there might be an issue with the server's certificate.
Best regards
Unified Automation Support Team
Unified Automation Support Team