Online Forums
Technical support is provided through Support Forums below. Anybody can view them; you need to Register/Login to our site (see links in upper right corner) in order to Post questions. You do not have to be a licensed user of our product.
Please read Rules for forum posts before reporting your issue or asking a question. OPC Labs team is actively monitoring the forums, and replies as soon as possible. Various technical information can also be found in our Knowledge Base. For your convenience, we have also assembled a Frequently Asked Questions page.
Do not use the Contact page for technical issues.
- Forum
- Discussions
- QuickOPC-Classic in .NET
- Browsing, Browse Dialogs and Controls
- Exception while trying to connect to an OPC UA Server
Exception while trying to connect to an OPC UA Server
The attachment is missing (after selecting the file, do not forget to "insert" it into the post).
We only do online forums and email, for tech support.
Regards
Please Log in or Create an account to join the conversation.
See the attached document that shows all the steps in UA Expert to connect to the Honeywell OPC UA server.
I understand that supporting us with this issue is out of the scope of your support. Are you willing to remotely connect to the customer's computer (in Belgium) and help us for an additional fee?
I appreciate your answer.
Thank you.
Michael
Attachments:
Please Log in or Create an account to join the conversation.
To the question: "What do you recommend?" : I have already answered that. The CA certificate(s) need to be placed into the Trusted issuers store (in addition to Trusted peers). This is fairly standard procedure.
There are also ways to tell QuickOPC to blindly accept the certificate anyway, but of course that's totally insecure.
Regards
Please Log in or Create an account to join the conversation.
Thank you for your answer. So if something is wrong with the certificate how come that the UA Expert is able to deal with it and browsing is Okay?
I don't know what kind of certificate is it. Our OPC Client software is installed in the customer's site in Belgium. He needs to connect to the UA Server...
What do you recommend?
Thank you.
Michael
Please Log in or Create an account to join the conversation.
In this case also you also need to manage the CA certificates (the trusted CA certificates need to be in Trusted Issuers certificate store). This is more complicated than with self-signed certificates.
You need to get a reasonable understanding of how this kind of security setup works, but explaining it is outside of the scope of the forum and our tech support. There are whole parts of the OPC UA specification dedicated to it. I am willing to help, but mainly with issues that have to do with specifically with QuickOPC support for this.
Regards
Please Log in or Create an account to join the conversation.
I am getting an exception when trying to connect to an OPC UA Server (Honeywell EBI). See the details below. Browsing is Okay when using UA Expert using the same security policy and security mode.
Exception 1)
======================================================
Type: OpcLabs.BaseLib.Browsing.BrowseException
Data:
HelpLink:
HResult: -2146233088 (0x80131500)
InnerException:
OpcLabs.EasyOpc.UA.Engine.UAEngineException: UA SDK error (Opc.UA.ServiceResult=0x80130000) in 'static Session.Create'. OPC UA service result - {BadSecurityChecksFailed}. An error occurred verifying security.
+ Connection attempt #5; last connected at 01-01-01 00:00:00 (local); unconnected for 00:32:44.2030000.
+ The endpoint URL string used was "opc.tcp://10.19.166.10:4840".
+ The client method called (or event/callback invoked) was 'BrowseMultiple[1]'. ---> OpcLabs.EasyOpc.UA.UAServiceException: OPC UA service result - {BadSecurityChecksFailed}. An error occurred verifying security.
--> {BadSecurityChecksFailed}. Certificate chain not complete.
SubjectName: CN=GTCHVE3SA01 OPCUA Server
IssuerName: CN=GTCHVE3SA01 Root CA.
--- End of inner exception stack trace ---
Activity Trace:
Following (3) events were gathered during the action on activity ID [26], in the order of first occurrence:
3*Exception: {Opc.Ua.ServiceResultException} Certificate chain not complete. SubjectName: CN=GTCHVE3SA01 OPCUA Server IssuerName: CN=GTCHVE3SA01 Root CA
Data:
ErrorId_{045406CD-8EEA-4F21-B3D6-DC9DB5A34E58}: OpcLabs.UAEngine=1
7b4d9f28-22a8-41d6-93ea-e4d8c2a75da8:
((26, 1), System.Runtime.ExceptionServices.FirstChanceExceptionEventArgs)
((26, 1), System.Runtime.ExceptionServices.FirstChanceExceptionEventArgs)
((26, 1), System.Runtime.ExceptionServices.FirstChanceExceptionEventArgs)
c3c0e69e-bf8f-4bfa-8e93-816783737e55: 26
8970fe52-aaa4-40f7-9a6e-74cdcee56724: static Session.Create
OpcLabs.EasyOpc.UA.Implementation.ErrorEnhancingEasyUAClient.Processed: True
Error Code: 1
HelpLink:
HResult: -2146232832 (0x80131600)
InnerException:
OpcLabs.EasyOpc.UA.UAServiceException: OPC UA service result - {BadSecurityChecksFailed}. An error occurred verifying security.
--> {BadSecurityChecksFailed}. Certificate chain not complete.
SubjectName: CN=GTCHVE3SA01 OPCUA Server
IssuerName: CN=GTCHVE3SA01 Root CA.
Data:
ErrorId_{045406CD-8EEA-4F21-B3D6-DC9DB5A34E58}: Opc.UA.ServiceResult=0x80130000
OpcLabs.EasyOpc.UA.Implementation.ErrorEnhancingEasyUAClient.Processed: True
Help Link:
HResult: -2146232832 (0x80131600)
InnerException:
Internal Code: 2148728832
Message:
OPC UA service result - {BadSecurityChecksFailed}. An error occurred verifying security.
--> {BadSecurityChecksFailed}. Certificate chain not complete.
SubjectName: CN=GTCHVE3SA01 OPCUA Server
IssuerName: CN=GTCHVE3SA01 Root CA.
Service Result: BadSecurityChecksFailed
Additional Info:
Description:
Inner Result: BadSecurityChecksFailed
Additional Info:
>>> Certificate chain not complete.
SubjectName: CN=GTCHVE3SA01 OPCUA Server
IssuerName: CN=GTCHVE3SA01 Root CA
--- at Opc.Ua.CertificateValidator.GetIssuersWithChainSupportEnabled(X509Certificate2Collection certificates, List`1 issuers)
--- at Opc.Ua.CertificateValidator.InternalValidateWithChainSupportEnabled(X509Certificate2Collection certificates)
--- at Opc.Ua.CertificateValidator.Validate(X509Certificate2Collection chain)
Description:
Certificate chain not complete.
SubjectName: CN=GTCHVE3SA01 OPCUA Server
IssuerName: CN=GTCHVE3SA01 Root CA
Inner Result:
Message:
Certificate chain not complete.
SubjectName: CN=GTCHVE3SA01 OPCUA Server
IssuerName: CN=GTCHVE3SA01 Root CA.
Qualified Symbolic ID:
Expanded Text:
Is Null: True
Is Standard: True
Name:
Namespace Index: 0
Namespace URI:
Namespace URI String:
Standard Name:
Status Code: BadSecurityChecksFailed
Code Bits: 32787
Code Bits Symbol: BadSecurityChecksFailed
Condition: 19
Description: An error occurred verifying security.
Flag Bits: 0
Has Data Value Info: False
Info Type: NotUsed
Internal Value: 2148728832
Is Bad: True
Is Good: False
Is Uncertain: False
Limit Info: None
Overflow: False
Semantics Changed: False
Severity: BadOrFailure
Status Info: Error
Structure Changed: False
Text:
{BadSecurityChecksFailed}. Certificate chain not complete.
SubjectName: CN=GTCHVE3SA01 OPCUA Server
IssuerName: CN=GTCHVE3SA01 Root CA.
Message: An error occurred verifying security.
Qualified Symbolic ID:
Expanded Text:
Is Null: True
Is Standard: True
Name:
Namespace Index: 0
Namespace URI:
Namespace URI String:
Standard Name:
Status Code: BadSecurityChecksFailed
Code Bits: 32787
Code Bits Symbol: BadSecurityChecksFailed
Condition: 19
Description: An error occurred verifying security.
Flag Bits: 0
Has Data Value Info: False
Info Type: NotUsed
Internal Value: 2148728832
Is Bad: True
Is Good: False
Is Uncertain: False
Limit Info: None
Overflow: False
Semantics Changed: False
Severity: BadOrFailure
Status Info: Error
Structure Changed: False
Text:
{BadSecurityChecksFailed}. An error occurred verifying security.
--> {BadSecurityChecksFailed}. Certificate chain not complete.
SubjectName: CN=GTCHVE3SA01 OPCUA Server
IssuerName: CN=GTCHVE3SA01 Root CA.
Service Target Site: Void Validate(System.Security.Cryptography.X509Certificates.X509Certificate2Collection)
DeclaringType: Opc.Ua.CertificateValidator
Module: Opc.Ua.Core.dll
Assembly: Opc.Ua.Core, Version=1.3.342.0, Culture=neutral, PublicKeyToken=6faddca41dacb409
CustomAttributes:
FullyQualifiedName: C:\Program Files (x86)\Control-See\EBO-OPC Client\BIN\Opc.Ua.Core.dll
MDStreamVersion: 131072
MetadataToken: 1
ModuleHandle: System.ModuleHandle
MDStreamVersion: 131072
ModuleVersionId: de76a6af-12bb-481b-8ef7-2df5f7a00d0a
Name: Opc.Ua.Core.dll
ScopeName: Opc.Ua.Core.dll
Source: Opc.Ua.Core
Stack Trace:
at Opc.Ua.CertificateValidator.Validate(X509Certificate2Collection chain)
at OpcLabs.EasyOpc.UA.Toolkit.Sdk.ToolkitCertificateValidator.Validate(X509Certificate2Collection chain)
at Opc.Ua.Client.Session.Open(String sessionName, UInt32 sessionTimeout, IUserIdentity identity, IList`1 preferredLocales, Boolean checkDomain)
at OpcLabs.EasyOpc.UA.Sdk.Shims.SessionShim.Create(ApplicationConfiguration configuration, ConfiguredEndpoint endpoint, Boolean updateBeforeConnect, Boolean checkDomain, String sessionName, UInt32 millisecondsSessionTimeout, Func`2 identityFunction, IList`1 preferredLocales, Action`2 domainCheckError, Action`1 setupSession, Action`1 setupTransportChannel)
at OpcLabs.EasyOpc.UA.Toolkit.Sdk.ToolkitSession.Create(ApplicationConfiguration configuration, ConfiguredEndpoint endpoint, Boolean updateBeforeConnect, Boolean checkDomain, String sessionName, UInt32 millisecondsSessionTimeout, Func`2 identityFunction, IList`1 preferredLocales, Action`2 domainCheckError, Action`1 setupTransportChannel, UAClientSessionBase clientSession)
at OpcLabs.EasyOpc.UA.Toolkit.Client.UAClientSessionBase.<>c__DisplayClass144_0.<CreateSdkSession>b__2()
at OpcLabs.EasyOpc.UA.Toolkit.UAEngineBase.PerformSdkAction(UASdkCallType callType, Func`1 usingFunction, String name, Action sdkAction)
TargetSite:
Message:
UA SDK error (Opc.UA.ServiceResult=0x80130000) in 'static Session.Create'. OPC UA service result - {BadSecurityChecksFailed}. An error occurred verifying security.
+ Connection attempt #5; last connected at 01-01-01 00:00:00 (local); unconnected for 00:32:44.2030000.
+ The endpoint URL string used was "opc.tcp://10.19.166.10:4840".
+ The client method called (or event/callback invoked) was 'BrowseMultiple[1]'.
Source:
Stack Trace:
== Activity Trace ==
Following (3) events were gathered during the action on activity ID [26], in the order of first occurrence:
3*Exception: {Opc.Ua.ServiceResultException} Certificate chain not complete. SubjectName: CN=GTCHVE3SA01 OPCUA Server IssuerName: CN=GTCHVE3SA01 Root CA
TargetSite:
Message: Problem browsing OPC Unified Architecture nodes.
Source:
StackTrace:
TargetSite:
Exception 2)
=======================
Exceptions
Type: OpcLabs.BaseLib.Browsing.BrowseException
Data:
HelpLink:
HResult: -2146233088 (0x80131500)
InnerException:
OpcLabs.EasyOpc.UA.Engine.UAEngineException: UA SDK error (Opc.UA.ServiceResult=0x80130000) in 'static Session.Create'. OPC UA service result - {BadSecurityChecksFailed}. An error occurred verifying security.
+ Connection attempt #5; last connected at 01-01-01 00:00:00 (local); unconnected for 00:32:44.2030000.
+ The endpoint URL string used was "opc.tcp://10.19.166.10:4840".
+ The client method called (or event/callback invoked) was 'BrowseMultiple[1]'. ---> OpcLabs.EasyOpc.UA.UAServiceException: OPC UA service result - {BadSecurityChecksFailed}. An error occurred verifying security.
--> {BadSecurityChecksFailed}. Certificate chain not complete.
SubjectName: CN=GTCHVE3SA01 OPCUA Server
IssuerName: CN=GTCHVE3SA01 Root CA.
--- End of inner exception stack trace ---
Activity Trace:
Following (3) events were gathered during the action on activity ID [26], in the order of first occurrence:
3*Exception: {Opc.Ua.ServiceResultException} Certificate chain not complete. SubjectName: CN=GTCHVE3SA01 OPCUA Server IssuerName: CN=GTCHVE3SA01 Root CA
Data:
ErrorId_{045406CD-8EEA-4F21-B3D6-DC9DB5A34E58}: OpcLabs.UAEngine=1
7b4d9f28-22a8-41d6-93ea-e4d8c2a75da8:
((26, 1), System.Runtime.ExceptionServices.FirstChanceExceptionEventArgs)
((26, 1), System.Runtime.ExceptionServices.FirstChanceExceptionEventArgs)
((26, 1), System.Runtime.ExceptionServices.FirstChanceExceptionEventArgs)
c3c0e69e-bf8f-4bfa-8e93-816783737e55: 26
8970fe52-aaa4-40f7-9a6e-74cdcee56724: static Session.Create
OpcLabs.EasyOpc.UA.Implementation.ErrorEnhancingEasyUAClient.Processed: True
Error Code: 1
HelpLink:
HResult: -2146232832 (0x80131600)
InnerException:
OpcLabs.EasyOpc.UA.UAServiceException: OPC UA service result - {BadSecurityChecksFailed}. An error occurred verifying security.
--> {BadSecurityChecksFailed}. Certificate chain not complete.
SubjectName: CN=GTCHVE3SA01 OPCUA Server
IssuerName: CN=GTCHVE3SA01 Root CA.
Data:
ErrorId_{045406CD-8EEA-4F21-B3D6-DC9DB5A34E58}: Opc.UA.ServiceResult=0x80130000
OpcLabs.EasyOpc.UA.Implementation.ErrorEnhancingEasyUAClient.Processed: True
Help Link:
HResult: -2146232832 (0x80131600)
InnerException:
Internal Code: 2148728832
Message:
OPC UA service result - {BadSecurityChecksFailed}. An error occurred verifying security.
--> {BadSecurityChecksFailed}. Certificate chain not complete.
SubjectName: CN=GTCHVE3SA01 OPCUA Server
IssuerName: CN=GTCHVE3SA01 Root CA.
Service Result: BadSecurityChecksFailed
Additional Info:
Description:
Inner Result: BadSecurityChecksFailed
Additional Info:
>>> Certificate chain not complete.
SubjectName: CN=GTCHVE3SA01 OPCUA Server
IssuerName: CN=GTCHVE3SA01 Root CA
--- at Opc.Ua.CertificateValidator.GetIssuersWithChainSupportEnabled(X509Certificate2Collection certificates, List`1 issuers)
--- at Opc.Ua.CertificateValidator.InternalValidateWithChainSupportEnabled(X509Certificate2Collection certificates)
--- at Opc.Ua.CertificateValidator.Validate(X509Certificate2Collection chain)
Description:
Certificate chain not complete.
SubjectName: CN=GTCHVE3SA01 OPCUA Server
IssuerName: CN=GTCHVE3SA01 Root CA
Inner Result:
Message:
Certificate chain not complete.
SubjectName: CN=GTCHVE3SA01 OPCUA Server
IssuerName: CN=GTCHVE3SA01 Root CA.
Qualified Symbolic ID:
Expanded Text:
Is Null: True
Is Standard: True
Name:
Namespace Index: 0
Namespace URI:
Namespace URI String:
Standard Name:
Status Code: BadSecurityChecksFailed
Code Bits: 32787
Code Bits Symbol: BadSecurityChecksFailed
Condition: 19
Description: An error occurred verifying security.
Flag Bits: 0
Has Data Value Info: False
Info Type: NotUsed
Internal Value: 2148728832
Is Bad: True
Is Good: False
Is Uncertain: False
Limit Info: None
Overflow: False
Semantics Changed: False
Severity: BadOrFailure
Status Info: Error
Structure Changed: False
Text:
{BadSecurityChecksFailed}. Certificate chain not complete.
SubjectName: CN=GTCHVE3SA01 OPCUA Server
IssuerName: CN=GTCHVE3SA01 Root CA.
Message: An error occurred verifying security.
Qualified Symbolic ID:
Expanded Text:
Is Null: True
Is Standard: True
Name:
Namespace Index: 0
Namespace URI:
Namespace URI String:
Standard Name:
Status Code: BadSecurityChecksFailed
Code Bits: 32787
Code Bits Symbol: BadSecurityChecksFailed
Condition: 19
Description: An error occurred verifying security.
Flag Bits: 0
Has Data Value Info: False
Info Type: NotUsed
Internal Value: 2148728832
Is Bad: True
Is Good: False
Is Uncertain: False
Limit Info: None
Overflow: False
Semantics Changed: False
Severity: BadOrFailure
Status Info: Error
Structure Changed: False
Text:
{BadSecurityChecksFailed}. An error occurred verifying security.
--> {BadSecurityChecksFailed}. Certificate chain not complete.
SubjectName: CN=GTCHVE3SA01 OPCUA Server
IssuerName: CN=GTCHVE3SA01 Root CA.
Service Target Site: Void Validate(System.Security.Cryptography.X509Certificates.X509Certificate2Collection)
DeclaringType: Opc.Ua.CertificateValidator
Module: Opc.Ua.Core.dll
Assembly: Opc.Ua.Core, Version=1.3.342.0, Culture=neutral, PublicKeyToken=6faddca41dacb409
CustomAttributes:
FullyQualifiedName: C:\Program Files (x86)\Control-See\EBO-OPC Client\BIN\Opc.Ua.Core.dll
MDStreamVersion: 131072
MetadataToken: 1
ModuleHandle: System.ModuleHandle
MDStreamVersion: 131072
ModuleVersionId: de76a6af-12bb-481b-8ef7-2df5f7a00d0a
Name: Opc.Ua.Core.dll
ScopeName: Opc.Ua.Core.dll
Source: Opc.Ua.Core
Stack Trace:
at Opc.Ua.CertificateValidator.Validate(X509Certificate2Collection chain)
at OpcLabs.EasyOpc.UA.Toolkit.Sdk.ToolkitCertificateValidator.Validate(X509Certificate2Collection chain)
at Opc.Ua.Client.Session.Open(String sessionName, UInt32 sessionTimeout, IUserIdentity identity, IList`1 preferredLocales, Boolean checkDomain)
at OpcLabs.EasyOpc.UA.Sdk.Shims.SessionShim.Create(ApplicationConfiguration configuration, ConfiguredEndpoint endpoint, Boolean updateBeforeConnect, Boolean checkDomain, String sessionName, UInt32 millisecondsSessionTimeout, Func`2 identityFunction, IList`1 preferredLocales, Action`2 domainCheckError, Action`1 setupSession, Action`1 setupTransportChannel)
at OpcLabs.EasyOpc.UA.Toolkit.Sdk.ToolkitSession.Create(ApplicationConfiguration configuration, ConfiguredEndpoint endpoint, Boolean updateBeforeConnect, Boolean checkDomain, String sessionName, UInt32 millisecondsSessionTimeout, Func`2 identityFunction, IList`1 preferredLocales, Action`2 domainCheckError, Action`1 setupTransportChannel, UAClientSessionBase clientSession)
at OpcLabs.EasyOpc.UA.Toolkit.Client.UAClientSessionBase.<>c__DisplayClass144_0.<CreateSdkSession>b__2()
at OpcLabs.EasyOpc.UA.Toolkit.UAEngineBase.PerformSdkAction(UASdkCallType callType, Func`1 usingFunction, String name, Action sdkAction)
TargetSite:
Message:
UA SDK error (Opc.UA.ServiceResult=0x80130000) in 'static Session.Create'. OPC UA service result - {BadSecurityChecksFailed}. An error occurred verifying security.
+ Connection attempt #5; last connected at 01-01-01 00:00:00 (local); unconnected for 00:32:44.2030000.
+ The endpoint URL string used was "opc.tcp://10.19.166.10:4840".
+ The client method called (or event/callback invoked) was 'BrowseMultiple[1]'.
Source:
Stack Trace:
== Activity Trace ==
Following (3) events were gathered during the action on activity ID [26], in the order of first occurrence:
3*Exception: {Opc.Ua.ServiceResultException} Certificate chain not complete. SubjectName: CN=GTCHVE3SA01 OPCUA Server IssuerName: CN=GTCHVE3SA01 Root CA
TargetSite:
Message: Problem browsing OPC Unified Architecture nodes.
Source:
StackTrace:
TargetSite:
Any idea what is causing the exception?
Thank you.
Michael
Please Log in or Create an account to join the conversation.
- Forum
- Discussions
- QuickOPC-Classic in .NET
- Browsing, Browse Dialogs and Controls
- Exception while trying to connect to an OPC UA Server