Online Forums
Technical support is provided through Support Forums below. Anybody can view them; you need to Register/Login to our site (see links in upper right corner) in order to Post questions. You do not have to be a licensed user of our product.
Please read Rules for forum posts before reporting your issue or asking a question. OPC Labs team is actively monitoring the forums, and replies as soon as possible. Various technical information can also be found in our Knowledge Base. For your convenience, we have also assembled a Frequently Asked Questions page.
Do not use the Contact page for technical issues.
- Forum
- Discussions
- QuickOPC-UA in COM
- Discovery, Browsing, Browse Dialogs and Controls
- Browse Nodes OPC-UA in Delphi
Browse Nodes OPC-UA in Delphi
I would say, don't bother with it if you got it working now. But I would definitely inform Siemens that we think that returning an empty signature algorithm, is against the spec.
Best regards
Please Log in or Create an account to join the conversation.
Please Log in or Create an account to join the conversation.
Please Log in or Create an account to join the conversation.
With the unsecured endpoint disabled, I couldn't manage to connect to the secured endpoint, not even with UaExpert. But if we enable the unsecured endpoint and disable the secured one, then it's working. This seems to be enough for us for now. Thanks again for your help!
Please Log in or Create an account to join the conversation.
Could you modify your browser window with my example url and the two new lines (isolated...) and provide it as a ready-to-use test program? I could then run it here and send you the exception output.
I also tried to find the two options in the properties of your browsedialog, but I didn't find them.
Please Log in or Create an account to join the conversation.
Thank you
Please Log in or Create an account to join the conversation.
mOPCUAClient := TEasyUAClient.Create(nil);
mOPCUAClient.Isolated := true;
mOPCUAClient.IsolatedParameters.SessionParameters.EndpointSelectionPolicy.AllowedMessageSecurityModes := UAMessageSecurityModes_SecurityNone;
EndpointDescriptor := CoUAEndpointDescriptor.Create;
EndpointDescriptor.UrlString := 'opc.tcp://192.168.1.2:4870';
NodeDescriptor := CoUANodeDescriptor.Create;
NodeDescriptor.NodeId.StandardName := 'Objects';
BrowseParameters := CoUABrowseParameters.Create;
BrowseParameters.NodeClasses := UANodeClass_All;
lclNodes := mOPCUAClient.BrowseNodes(EndpointDescriptor, NodeDescriptor, BrowseParameters);
Am I still missing something?
Please Log in or Create an account to join the conversation.
client.Isolated = true;
client.IsolatedParameters.SessionParameters.EndpointSelectionPolicy.AllowedMessageSecurityModes = UAMessageSecurityModes.SecurityNone;
Please Log in or Create an account to join the conversation.
I think, there is no demo version of this server as it's included in a Siemens Touchpanel. So you can just test it if you have this piece of hardware.
Please Log in or Create an account to join the conversation.
Related info: The problem appears to be in the response returned by the CreateSession call to the server. Spec Part 4, chapter 5.6.2, 5.6.2.2. The server returns serverSignature (SignatureData) that should be as follows:
This is a signature generated with the private key associated with the serverCertificate. This parameter is calculated by appending the clientNonce to the clientCertificate and signing the resulting sequence of bytes.
The SignatureAlgorithm shall be the AsymmetricSignatureAlgorithm specified in the SecurityPolicy for the Endpoint.
The SignatureData type is defined in 7.32.
Here the server returns an empty string for the SignatureAlgorithm. But for the Security of the Endpoint you are using (which is either Basic256 or Basic128Rsa15), the algorithm should be RsaSha1. This is specified in OPC UA spec Part 7 - Profiles, where (under 5.3 Transport and communication related features), it requires
for these two security policies.AsymmetricSignatureAlgorithm – RsaSha1 – (www.w3.org/2000/09/xmldsig#rsa-sha1)
I am surprised that this works with UaExpert, but my guess is that with UaExpert, you are connecting to a different endpoint, possibly unsecured one. Can you please check precisely which endpoint you are connecting to with UaExpert?
In QuickOPC, you normally do not specify the endpoint so precisely - the selection of the endpoint is done using policies. Therefore you may end up with a different one, albeit on the same URL. If this proves to be the issue, I can later show you how to influence the selection of the endpoint in QuickOPC.
Is (a demo version of) this server available somewhere for download or test?
Best regards
Please Log in or Create an account to join the conversation.
- Forum
- Discussions
- QuickOPC-UA in COM
- Discovery, Browsing, Browse Dialogs and Controls
- Browse Nodes OPC-UA in Delphi