
BadCertificateHostNameInvalid

Posted: 03 Nov 2015, 08:50
by cacamille3
Hello,

I am using the latest UaExpert 1.4.0.

When I try to connect with SecureMode Basic128Rsa15 - Sign or Sign/Encrypt or Basic256 - Sign or Sign/Encrypt,
I get the warning message shown in the attachment.

This was not shown before.
Is there a way to know why?
The SubjectAltName of my Certificate contains the same Urn as the Server Application Uri sent by my Server.

Re: BadCertificateHostNameInvalid

Posted: 06 Nov 2015, 09:33
by cacamille3
up

Re: BadCertificateHostNameInvalid

Posted: 06 Nov 2015, 15:56
by Support Team
Hello,

The error refers to the SubjectAlternativeName extension, which shall contain the server's hostname(s) and/or IP addresses. If you connect to the server using its IP address and the certificate only contains the hostname (or the other way round), this error will be thrown.

Regards,
Unified Automation Support Team

Re: BadCertificateHostNameInvalid

Posted: 06 Nov 2015, 16:24
by cacamille3
I have one valid URI but no IPAddresses or DNSNames.
Are those required by the OPC specification?

Re: BadCertificateHostNameInvalid

Posted: 07 Nov 2015, 13:06
by Support Team
Hello,

The errors are obviously in the certificate of the Loytec Server. The certificate does not comply with the OPC Specification. The Server's certificate is either wrong, corrupted, or hacked (replaced) by someone else. UaExpert very clearly points to the issues that were found during validation of the server's certificate and it is reporting them as "warning" (orange color) to give you (the user/administrator) some more information on all the wrong (incomplete) certificate content. The decision is yours: if you still want to trust the Loytec Server, you can, but it is at your own risk.

You should contact the Loytec support and ask if and why they deploy wrong certificates. However, if the Loytec original certificate was correct, you might have forgery of certificates on your system.

Best Regards
Support Team

Re: BadCertificateHostNameInvalid

Posted: 09 Nov 2015, 09:33
by cacamille3
The only missing stuff was the DNS Name. In the pre-installed Server certificate, it was present, but it was missing when creating a self-signed certificate.
There are no more warnings now.
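
The hostname check described by the Support Team, written out as an added example (not part of the thread and not UaExpert's own code). It assumes the SubjectAltName entries are given as the `(type, value)` pairs Python's `ssl.SSLSocket.getpeercert()` returns; the function name, finding labels, URN, hostname and address are constructed for illustration.

```python
import ipaddress
from urllib.parse import urlsplit

def check_san(endpoint_url, application_uri, san):
    """Compare a certificate's SubjectAltName with how the client connects.

    san: (type, value) pairs as in ssl.SSLSocket.getpeercert()["subjectAltName"].
    Returns a list of findings; an empty list means the SAN is consistent.
    """
    findings = []
    uris = [v for t, v in san if t == "URI"]
    dns_names = {v.lower().rstrip(".") for t, v in san if t == "DNS"}
    ip_addrs = {ipaddress.ip_address(v) for t, v in san if t == "IP Address"}

    # The URI entry has to match the ApplicationUri the server reports.
    if application_uri not in uris:
        findings.append("uri-mismatch")
    # Per the thread, a URI alone is not enough: DNS or IP entries are expected.
    if not dns_names and not ip_addrs:
        findings.append("no-hostname-entries")

    host = (urlsplit(endpoint_url).hostname or "").rstrip(".")
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        # Connected by name: only DNS entries can match.
        if host not in dns_names:
            findings.append("hostname-not-in-san")
    else:
        # Connected by address: only IP address entries can match.
        if addr not in ip_addrs:
            findings.append("ip-not-in-san")
    return findings

# Constructed sample data (not taken from the thread).
APP_URI = "urn:plc-01:Example:Server"
URI_ONLY = (("URI", APP_URI),)
URI_DNS = (("URI", APP_URI), ("DNS", "PLC-01"))
URI_DNS_IP = URI_DNS + (("IP Address", "192.0.2.10"),)

if __name__ == "__main__":
    cases = (("URI only", URI_ONLY), ("URI+DNS", URI_DNS), ("URI+DNS+IP", URI_DNS_IP))
    for label, san in cases:
        for url in ("opc.tcp://plc-01:4840", "opc.tcp://192.0.2.10:4840"):
            print(f"{label:11} {url:27} {check_san(url, APP_URI, san) or 'ok'}")
```

The URI-only case corresponds to the self-signed certificate in the last post, and the URI+DNS case reached by IP address corresponds to the mismatch described in the first Support Team reply.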