I'm using C++ Based OPC UA Client/Server SDK v1.5.5.355.
I'm unable to make a secure connection using server_sdk_tutorial and client_cpp_sdk. I've tried all endpoints.
Log:
Code: Select all
****************************************************************
** Try to connect to selected server
-- Event connectError ---------------------------------
clientConnectionId 0
Service Type Processing of Service ActivateSession
Status BadIdentityTokenRejected
-------------------------------------------------------
** Error: UaSession::connect failed [ret=BadIdentityTokenRejected]
****************************************************************
------------------------------------------------------------
- Make sure the client certificate is in server trust list -
- Check rejected directory of server PKI store -
------------------------------------------------------------
Code: Select all
# find /usr/bin/pki*
/usr/bin/pkiclient
/usr/bin/pkiclient/issuers
/usr/bin/pkiclient/issuers/certs
/usr/bin/pkiclient/issuers/crl
/usr/bin/pkiclient/own
/usr/bin/pkiclient/own/private
/usr/bin/pkiclient/own/private/uaclientcpp.pem
/usr/bin/pkiclient/own/certs
/usr/bin/pkiclient/own/certs/uaclientcpp.der
/usr/bin/pkiclient/trusted
/usr/bin/pkiclient/trusted/certs
/usr/bin/pkiclient/trusted/certs/883DAE43219BB5CD4542391060A272817D68B3C6.der
/usr/bin/pkiclient/trusted/crl
/usr/bin/pkiserver
/usr/bin/pkiserver/issuers
/usr/bin/pkiserver/issuers/certs
/usr/bin/pkiserver/issuers/crl
/usr/bin/pkiserver/own
/usr/bin/pkiserver/own/private
/usr/bin/pkiserver/own/private/uaservercpp.pem
/usr/bin/pkiserver/own/certs
/usr/bin/pkiserver/own/certs/uaservercpp.der
/usr/bin/pkiserver/trusted
/usr/bin/pkiserver/trusted/certs
/usr/bin/pkiserver/trusted/certs/CB734AF6A19712AD085FDAE3402E3233897FA56E.der
/usr/bin/pkiserver/trusted/crl
/usr/bin/pkiserver/rejected
Code: Select all
-------------------------------------------------------
- The following certificate is not trusted yet -
-------------------------------------------------------
- CommonName UaServerCpp@iot2000
- Issuer.commonName UaServerCpp@iot2000
- Issuer.organization Organization
- Issuer.organizationUnit Unit
- Issuer.state
- Issuer.country DE
- ValidFrom 2017-11-23T17:16:40.000Z
- ValidTo 2022-11-22T17:16:40.000Z
'y' + Enter if you want to trust the certificate temporarily.
'p' + Enter if you want to trust the certificate permanently an copy the server certificate into the client trust list.
Enter if you don't want to trust the certificate.
p
Certificate was accepted permanently.
Connecting to opc.tcp://localhost:48010
Connect failed with status BadSecurityChecksFailed
********************************************************************************************
Connect with security failed. Make sure the client certificate is in the servers trust list.
********************************************************************************************
Press Enter to close
root@iot2000:~# client_lesson04
Call FindServers on Url opc.tcp://localhost:48010
FindServers succeeded
** Application [0] **********************************************************
ApplicationUri urn:iot2000:UnifiedAutomation:UaServerCpp
ApplicationName UaServerCpp@iot2000
** DiscoveryUrl [opc.tcp://iot2000:48010] ***********************
** Endpoint[0] ***********************************************
Endpoint URL opc.tcp://iot2000:48010
Security Policy http://opcfoundation.org/UA/SecurityPolicy#None
Security Mode None
**************************************************************
** Endpoint[1] ***********************************************
Endpoint URL opc.tcp://iot2000:48010
Security Policy http://opcfoundation.org/UA/SecurityPolicy#Basic256
Security Mode Sign
**************************************************************
** Endpoint[2] ***********************************************
Endpoint URL opc.tcp://iot2000:48010
Security Policy http://opcfoundation.org/UA/SecurityPolicy#Basic256
Security Mode SignAndEncrypt
**************************************************************
** Endpoint[3] ***********************************************
Endpoint URL opc.tcp://iot2000:48010
Security Policy http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256
Security Mode Sign
**************************************************************
** Endpoint[4] ***********************************************
Endpoint URL opc.tcp://iot2000:48010
Security Policy http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256
Security Mode SignAndEncrypt
**************************************************************
************************************************************************
******************************************************************************
Press Enter to connect with security
Try to find secure Endpoint on: opc.tcp://localhost:48010
Endpoint with best security found:
Endpoint URL opc.tcp://iot2000:48010
Security Policy http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256
Security Mode SignAndEncrypt
Connecting to opc.tcp://localhost:48010
-------------------------------------------------------------
Connection status changed to Connected
-------------------------------------------------------------
Connect succeeded
Press Enter to read values
Reading ...
Read failed for item[0] with status BadNodeIdUnknown
Read failed for item[1] with status BadNodeIdUnknown
Value[2]: 60.49617
Read failed for item[3] with status BadNodeIdUnknown
Press Enter to write values
Thanks!
Fahad