Online Forums
Technical support is provided through Support Forums below. Anybody can view them; you need to Register/Login to our site (see links in upper right corner) in order to Post questions. You do not have to be a licensed user of our product.
Please read Rules for forum posts before reporting your issue or asking a question. OPC Labs team is actively monitoring the forums, and replies as soon as possible. Various technical information can also be found in our Knowledge Base. For your convenience, we have also assembled a Frequently Asked Questions page.
Do not use the Contact page for technical issues.
- Forum
- Discussions
- QuickOPC-UA in COM
- Installation, Deployment
- Self-Signed Certificate not Trusted Error When Deploying CPP Application
Self-Signed Certificate not Trusted Error When Deploying CPP Application
27 Nov 2019 18:12 #8050
by support
Replied by support on topic Self-Signed Certificate not Trusted Error When Deploying CPP Application
Thank you.
I am not sure about what has caused this, but - was there ever a different (older) version of QuickOPC on that machine? If so, the problem pis probably related to the upgrade. The error message (MissingFieldException) looks like than an incorrect version of the (OpcUANodeSet) assembly is being loaded.
Best regards
I am not sure about what has caused this, but - was there ever a different (older) version of QuickOPC on that machine? If so, the problem pis probably related to the upgrade. The error message (MissingFieldException) looks like than an incorrect version of the (OpcUANodeSet) assembly is being loaded.
Best regards
Please Log in or Create an account to join the conversation.
27 Nov 2019 12:16 #8044
by Holbach
Replied by Holbach on topic Self-Signed Certificate not Trusted Error When Deploying CPP Application
Apologies, I meant to attach the log to the first post - going back now I don't see it attached. I have attached it here.
The last three lines from that file:
An exception of type 'System.MissingFieldException' from source 'OpcLabs.EasyOpcUA' has occurred in OPC-UA guarded operation 'SessionConnector.ConnectFunc'. The exception descend follows.
(1) {System.MissingFieldException} OpcLabs.EasyOpcUA(SetupSdkSessionEncodeableTypes) -> Field not found: 'Opc.Ua.Gds.DataTypeIds.ApplicationRecordDataType'.
11:58:22|11/22/19|10005390|MainServiceThread|Named Pipe Created
The last three lines from that file:
An exception of type 'System.MissingFieldException' from source 'OpcLabs.EasyOpcUA' has occurred in OPC-UA guarded operation 'SessionConnector.ConnectFunc'. The exception descend follows.
(1) {System.MissingFieldException} OpcLabs.EasyOpcUA(SetupSdkSessionEncodeableTypes) -> Field not found: 'Opc.Ua.Gds.DataTypeIds.ApplicationRecordDataType'.
11:58:22|11/22/19|10005390|MainServiceThread|Named Pipe Created
Please Log in or Create an account to join the conversation.
27 Nov 2019 07:55 #8038
by support
Replied by support on topic Self-Signed Certificate not Trusted Error When Deploying CPP Application
Hello, thank you for update. I do not think that registration of COM objects is related to this, however I cannot be sure because you wrote something confusing to me:
"The resulting log file ends with the same "Field not Found" error."
But, I do not think you have reported anything similar to this before. I cannot find any mention of "Field not Found". Can you please clarify - and also include the log/message details, for me to understand whatyou are actually talking about?
Thank you
"The resulting log file ends with the same "Field not Found" error."
But, I do not think you have reported anything similar to this before. I cannot find any mention of "Field not Found". Can you please clarify - and also include the log/message details, for me to understand whatyou are actually talking about?
Thank you
Please Log in or Create an account to join the conversation.
26 Nov 2019 16:19 #8034
by Holbach
Replied by Holbach on topic Self-Signed Certificate not Trusted Error When Deploying CPP Application
Thank you for that - unfortunately it did not do the trick. The resulting log file ends with the same "Field not Found" error. We re-installed the toolkit and did a full install - rather than a production install - and that seems to have done the trick. We are going to keep an eye on this and see if that fix is repeatable on other systems having the same issue. Is it possible that certain COM objects did not properly register during the install and that caused the errors we are seeing here?
Please Log in or Create an account to join the conversation.
26 Nov 2019 05:30 #8019
by support
Replied by support on topic Self-Signed Certificate not Trusted Error When Deploying CPP Application
Hello,
this looks like that for an unknown reason, the apps own certificate is not trusted.
I can only guess that things got somehow mixed in the certificate stores. Can you please try the steps described further below.
1. Download, install and run (with elevated privileges) the UA Configuration Tool - see kb.opclabs.com/UA_Configuration_Tool_Overview .
2. Switch to the Manage Certificates tab.
3. Verify that you have ".... UA Appplications" in the Store Path field.
4. Press View Certificates.
5. Locate any certificate that look "yours". Their name will be based on the name the app that has the issue. Select each such certificate, right-click on it, select Delete, and confirm. If you do not have other UA apps on your computer to be concerned about, you can delete all certificate that you see. When done, press OK.
6. click on the drop-down next to "Store Path", and select "... Machine Default".
7. Repeat steps 4 and 5 on the Machine Default store.
8. Close the UA Configuration Tool.
Then, try to run the app again. Make sure you run it - at least the first time - with elevated (admin) privileges. They are usually needed to store new certs into the certificate stores.
This may help - let me know about the outcome. If it doesn't, we will try further.
Best regards
this looks like that for an unknown reason, the apps own certificate is not trusted.
I can only guess that things got somehow mixed in the certificate stores. Can you please try the steps described further below.
1. Download, install and run (with elevated privileges) the UA Configuration Tool - see kb.opclabs.com/UA_Configuration_Tool_Overview .
2. Switch to the Manage Certificates tab.
3. Verify that you have ".... UA Appplications" in the Store Path field.
4. Press View Certificates.
5. Locate any certificate that look "yours". Their name will be based on the name the app that has the issue. Select each such certificate, right-click on it, select Delete, and confirm. If you do not have other UA apps on your computer to be concerned about, you can delete all certificate that you see. When done, press OK.
6. click on the drop-down next to "Store Path", and select "... Machine Default".
7. Repeat steps 4 and 5 on the Machine Default store.
8. Close the UA Configuration Tool.
Then, try to run the app again. Make sure you run it - at least the first time - with elevated (admin) privileges. They are usually needed to store new certs into the certificate stores.
This may help - let me know about the outcome. If it doesn't, we will try further.
Best regards
Please Log in or Create an account to join the conversation.
25 Nov 2019 23:04 #8018
by Holbach
We are seeing the following error when deploying a C++ application on some machines. This does not happen on all machines this application is deployed to:
+ The SDK action called was "ApplicationInstance.CheckApplicationInstanceCertificate".
+ Following (5) events were gathered during the action on activity ID [1], in the order of first occurrence:
SDK trace: Checking application instance certificate.
SDK trace: Checking application instance certificate. CN=Station_Service, DC=L4OP-SP
Exception: {Opc.Ua.ServiceResultException} Self Signed Certificate is not trusted. IssuerName: CN=Station_Service, DC=L4OP-SP
SDK trace: Certificate 'CN=Station_Service, DC=L4OP-SP' rejected. Reason=BadCertificateUntrusted
SDK trace: Writing rejected certificate to directory: [Directory]ommonApplicationData\OPC Foundation\CertificateStores\RejectedCertificates
+ The error occurred while creating or checking the (client) application instance certificate. Check event log entries for errors and warnings.
+ The certificate generator path was "C:\ClydeInline\Station\Opc.Ua.CertificateGenerator.exe".
+ This is an engine-level error.DataChangeNotification Exception OpcLabs.EasyOpc.UA.UAServiceException: OPC-UA service result - Self Signed Certificate is not trusted.
IssuerName: CN=Station_Service, DC=L4OP-SP = BadCertificateUntrusted.
The application certificate is being generated as expected but being moved to the RejectedCertificates directory (as the error suggests). Code wise there is no difference between systems where the certificate is accepted, and machines where the certificate is not accepted.
Version in use here is 5.54.1156.1. I have attached the content of the log file generated when hooking into the UAClient LogEntry Event Handler.
Is there something obvious that I am missing here?
+ The SDK action called was "ApplicationInstance.CheckApplicationInstanceCertificate".
+ Following (5) events were gathered during the action on activity ID [1], in the order of first occurrence:
SDK trace: Checking application instance certificate.
SDK trace: Checking application instance certificate. CN=Station_Service, DC=L4OP-SP
Exception: {Opc.Ua.ServiceResultException} Self Signed Certificate is not trusted. IssuerName: CN=Station_Service, DC=L4OP-SP
SDK trace: Certificate 'CN=Station_Service, DC=L4OP-SP' rejected. Reason=BadCertificateUntrusted
SDK trace: Writing rejected certificate to directory: [Directory]ommonApplicationData\OPC Foundation\CertificateStores\RejectedCertificates
+ The error occurred while creating or checking the (client) application instance certificate. Check event log entries for errors and warnings.
+ The certificate generator path was "C:\ClydeInline\Station\Opc.Ua.CertificateGenerator.exe".
+ This is an engine-level error.DataChangeNotification Exception OpcLabs.EasyOpc.UA.UAServiceException: OPC-UA service result - Self Signed Certificate is not trusted.
IssuerName: CN=Station_Service, DC=L4OP-SP = BadCertificateUntrusted.
The application certificate is being generated as expected but being moved to the RejectedCertificates directory (as the error suggests). Code wise there is no difference between systems where the certificate is accepted, and machines where the certificate is not accepted.
Version in use here is 5.54.1156.1. I have attached the content of the log file generated when hooking into the UAClient LogEntry Event Handler.
Is there something obvious that I am missing here?
Please Log in or Create an account to join the conversation.
Moderators: support
- Forum
- Discussions
- QuickOPC-UA in COM
- Installation, Deployment
- Self-Signed Certificate not Trusted Error When Deploying CPP Application
Time to create page: 0.054 seconds