Professional OPC
Development Tools

logos

Online Forums

Technical support is provided through Support Forums below. Anybody can view them; you need to Register/Login to our site (see links in upper right corner) in order to Post questions. You do not have to be a licensed user of our product.

Please read Rules for forum posts before reporting your issue or asking a question. OPC Labs team is actively monitoring the forums, and replies as soon as possible. Various technical information can also be found in our Knowledge Base. For your convenience, we have also assembled a Frequently Asked Questions page.

Do not use the Contact page for technical issues.

QuickOPC on Windows Server by Apache webserver

More
10 Mar 2023 10:44 #11614 by Pala
for your information this is code

$ClientManagement = new COM("OpcLabs.EasyOpc.UA.EasyUAClientManagement");
$ClientManagement->SharedParameters->EngineParameters->ApplicationParameters->ApplicationManifest->InstanceOwnStorePath = "C:\\ProgramData\\OPC Foundation\\CertificateStores\\MachineDefault";
$ClientManagement->SharedParameters->EngineParameters->ApplicationParameters->ApplicationManifest->InstanceTrustedStorePath = "C:\\ProgramData\\OPC Foundation\\CertificateStores\\UA Applications";

Please Log in or Create an account to join the conversation.

More
10 Mar 2023 10:39 #11613 by Pala
ckeck done but same error

Please Log in or Create an account to join the conversation.

More
24 Feb 2023 11:23 #11572 by support
Hello.

Can you please configure the certificate stores paths to absolute directories, similar to what the following example does:

 
// This example demonstrates how to configure the location of the certificate stores to directories specified by absolute
// paths.
 
 
// The management object allows access to static behavior.
$ClientManagement = new COM("OpcLabs.EasyOpc.UA.EasyUAClientManagement");
 
// Set the application certificate store paths.
// Note that this only works once in each host process.
// If this code is used in a Web application, make sure it is executed at the beginning of every page that can be used to
// enter your application. You will most likely make it into a subroutine then.
$ClientManagement->SharedParameters->EngineParameters->ApplicationParameters->ApplicationManifest->InstanceIssuerStorePath =
"C:\\MyCertificateStores\\UA Certificate Authorities";
$ClientManagement->SharedParameters->EngineParameters->ApplicationParameters->ApplicationManifest->InstanceOwnStorePath =
"C:\\MyCertificateStores\\Machine Default";
$ClientManagement->SharedParameters->EngineParameters->ApplicationParameters->ApplicationManifest->InstanceTrustedStorePath =
"C:\\MyCertificateStores\\UA Applications";
$ClientManagement->SharedParameters->EngineParameters->ApplicationParameters->ApplicationManifest->RejectedStorePath =
"C:\\MyCertificateStores\\RejectedCertificates";
 
// Do something - invoke an OPC read, to trigger creation of the certificate.
$Client = new COM("OpcLabs.EasyOpc.UA.EasyUAClient");
try
{
$value = $Client->ReadValue(
//"opcua.demo-this.com:51211/UA/SampleServer",
"opc.tcp://opcua.demo-this.com:51210/UA/SampleServer",
"nsu=http://test.org/UA/Data/ ;i=10853");
}
catch (com_exception $e)
{
printf("*** Failure: %s\n", $e->getMessage());
}
 
printf("Finished.\n");
 



The locations (the 4 locations must be different!) can be your own directories, or it can even be the "C:\ProgramData\OPC Foundation\CertificateStores\...." locations - the point is that they are fully specified, as opposed to the internal default which uses "%name%" replacement symbols, and it looks like the replacements are sometimes returning an empty string (and sometimes not).

I cannot be sure that this fixes the issue, but it is definitely worth testing.

Best regards

Please Log in or Create an account to join the conversation.

More
23 Feb 2023 18:45 #11568 by support
Thank you. I will set up a computer with the software you indicated and try to reproduce.

Also, you have asked "we can set right path in a conf file?".

Answer: Not in a config file easily, but from the PHP program itself, it can be done. As there is an indication that the problem might be caused by improper "replacement" of symbolic directory name, we can try to configure the store location using fully absolute path. So before even doing the computer setup I indicated above, I will prepare a piece of PHP code for you to try out, with the absolute path configuration for the cert stores.

Will post here when I have that.

Regards

Please Log in or Create an account to join the conversation.

More
23 Feb 2023 17:45 #11567 by Pala
ok link with all information you need

77.39.213.123/info.php

Php 8.1.3
Apache 2.4.55
Windows Server 2022

but in link you have all information

Please Log in or Create an account to join the conversation.

More
23 Feb 2023 15:08 #11563 by support
Hello.

I need a computer/reproducible scenario that I can troubleshoot on our side. It is not something that can be done in a few minutes remotely. We are talking about extensive work. With our source code on the computer, and running the whole thing under the debugger.

Whether the Web site is accessed from localhost or through public IP should make no difference.

The private key should be under the "private" folder in the .PFX file. And yes, it looks like there is something wrong with how the paths are determined. But I do not know precisely what that is.

If this is a problem that is general, and not caused by some misconfiguration on your server, it should be possible to reproduce it on a different computer. I originally thought that installing WampServer would be sufficient, but it was not. So I can do it closer to your setup, but you need to tell me as precisely as possible how you have set it up.

So far I know you have Windows Server 2022. OK I can take that.
And I know you are using Apache Web server. And I do not know which version. And I do not know the installation procedure you have taken. And the configuration steps made to expose your Web page inside the Apache server. Web You need to tell me these things as precisely as possible. Because if you don't, and I do it differently, and it
would not show the problem, it won't bring us any further.

Regards

Please Log in or Create an account to join the conversation.

More
23 Feb 2023 11:08 #11562 by Pala
bad news... not run again

same error

Fatal error: Uncaught com_exception: <b>Source:</b> Opc.Ua.Configuration<br/><b>Description:</b> OPC UA service result - {BadConfigurationError}. Cannot access certificate private key. Subject=CN=CGI / FastCGI. Cannot access certificate private key. Subject=CN=CGI / FastCGI in C:\Apache24\htdocs\test.php:9 Stack trace: #0 C:\Apache24\htdocs\test.php(9): com->ReadValue('opc.tcp://192.1...', 'nsu=http://www....') #1 {main} thrown in C:\Apache24\htdocs\test.php on line 9

if you read the error... Cannot access certificate private key. Subject=CN=CGI / FastCGI

but where QuickOPC looking for this certificate private key?
is a path problem? we can set right path in a conf file?

our operation ambient i Windows server 2022 on public ip not Wamp that work in localhost
we use Apache http server

if you want can give you access by Anydesk (remote control) e can see togheter directly... possible?
can book a Google Meet and after give you access

we can open VPN to remote server OPC-UA
after we have test.php file that drive le connection to opc

this our file test.php ###########

<?php
error_reporting(E_ALL & ~E_NOTICE);
ini_set("display_errors", 1);
ini_set('max_execution_time', 0);
/*phpinfo();**/

$opc = 'opc.tcp://192.168.0.180:4840';
$db = 'nsu=http://www.siemens.com/simatic-s7-opcua ;ns=3;s="DB180_UPPERCOM_OPCUA"."%s"."%s"';
$Client = new COM("OpcLabs.EasyOpc.UA.EasyUAClient");
print_r($Client->ReadValue($opc, sprintf($db, 'JobStatusInfo', 'IdentificativoLavorazione')));
print_r($Client->ReadValue($opc, sprintf($db, 'JobStatusInfo', 'JobStatus')));

Please Log in or Create an account to join the conversation.

More
23 Feb 2023 09:26 #11560 by support
Thank you,

I understand now.
However, the workaround is not "nice".

I would be willing to hunt for the root cause if I had a reproducible scenario. I still believe it largely depends on how the Apache/PHP was installed and configured on your computer (because it works OK with the procedure I laid out). Note that I also tested with switching my configuration to FastCGI (using these instructions: folio3.com/blog/how-to-configure-fastcgi-on-wamp ). That gave me the certificate with the same name as yours (except for the thumbprint), but it still worked fine for me, i.e. no repro.

If you have instructions how to set up a computer from scratch that would exhibit the problem, or can deliver a VM image which already has the problem, I will investigate further.

Best regards

Please Log in or Create an account to join the conversation.

More
22 Feb 2023 13:58 #11559 by Pala
We fixed it by moving the Apache folder to the same path as the OPC Foundation folder

When the connection is established for the first time an OPC Foundation folder is created in the root but then it can also be deleted and it is not recreated until the httpd service is stopped

The launch of apache must take place from the path c:\ProgramData\Apache24\bin\httpd.exe with the normal user

Please Log in or Create an account to join the conversation.

More
22 Feb 2023 12:39 #11558 by support
Hello.

I am glad that it works, thank you for update. However, due to number of typos and the briefness of your post, I cannot figure out what you did - and it would useful to know, for me and for others who may have similar issue.

Can you please re-read your post, and enhance/correct it so that is is clear what has been made?

Many thanks

Please Log in or Create an account to join the conversation.

Moderators: support
Time to create page: 0.122 seconds