Online Forums
Technical support is provided through Support Forums below. Anybody can view them; you need to Register/Login to our site (see links in upper right corner) in order to Post questions. You do not have to be a licensed user of our product.
Please read Rules for forum posts before reporting your issue or asking a question. OPC Labs team is actively monitoring the forums, and replies as soon as possible. Various technical information can also be found in our Knowledge Base. For your convenience, we have also assembled a Frequently Asked Questions page.
Do not use the Contact page for technical issues.
- Forum
- Discussions
- QuickOPC-UA in .NET
- Connections, Reconnections, Certificates
- EasyUAClient - browsing, user authentication with a certificate, etc.
EasyUAClient - browsing, user authentication with a certificate, etc.
The server certificate could not be validated on the client side, but since you have set the client to accept all certificates, it gets accepted anyway - that's the "fallback method". In that sense, I do not see anything wrong or unexpected there.
The important lines of the log are these - near the end:
3128 - 16:56:50.557 CreateSession Called. RequestHandle=1, PendingRequestCount=1
3128 - 16:56:53.167 CreateSession Completed. RequestHandle=1, PendingRequestCount=0
3128 - 16:56:53.198 Create session failed with client certificate NULL. No such host is known
3128 - 16:56:53.198 CreateSession Called. RequestHandle=2, PendingRequestCount=1
3128 - 17:06:50.574 ***EXCEPTION*** BadRequestTimeout
3128 - 17:06:53.199 ***EXCEPTION*** BadRequestTimeout
3128 - 17:06:53.215 CreateSession Completed. RequestHandle=2, PendingRequestCount=0
What is means is that we have first tried to call the CreateSession service on the server with a NULL client certificate (because the security policy = None). When this fails (which is allowed), we re-try the CreateSession with the client certificate we have. This call blocks for 10 minutes on the server side, and afterwards it fails with "BadRequestTimeout" error..
You need to resolve the problem on the server side.
Best regards
---> ADDED LATER:
1. Actually, the 10 minutes are probably not caused by the server - it is yet another ("operation") timeout, this time on the UA Stack level.
2. There is one remaining (but unlikely) thing I need to check, whether the "block" cannot be on our side. In case I find anything, I will post it here.
Please Log in or Create an account to join the conversation.
It seems the certificate doesn't have been accepted, despect of the message was given in previous debug log
Hope it will be helpful to find the solution,The server certificate has been accepted for the OPC-UA client session to endpoint URL "opc.tcp://xxx:yyy@DiscoveryServer:4841/" by a fallback method.
Thank you,
Regards
Please Log in or Create an account to join the conversation.
Then please rebuild your app and make the test again. Of course I would be interested in seeing the generated log.
Best regards
Please Log in or Create an account to join the conversation.
Thanks,
Regards
Please Log in or Create an account to join the conversation.
Please read the document attached to this post (plus the mentioned configuration file contents is attached as well). The QuickOPC build described in the document is not yet ready; if all goes well, it should be available tomorrow.
Best regards
Please Log in or Create an account to join the conversation.
We tried run same program pointing to sample server opc.tcp://localhost:51210/UA/SampleServer, removing only UserIdentity setting on IsolatedParameters.Session, it works well. Attached the output:
At your disposal for any further information or test.
Regards
Please Log in or Create an account to join the conversation.
We have deeper layers of diagnostics inside the component, but they are currently only for our internal purposes and not exposed to the developer. What I plan to do is to make it possible for them be enabled for customer usage as well, and make a new build of QuickOPC that you will then run and obtain further info. This will, however, need some time. Currently I think it could be ready on Friday, or after the weekend.
An additional question: What happens if you replace your server's endpoint URL with that of the test server installed with the product (e.g. opc.tcp://localhost:51210/UA/SampleServer )?.
Please Log in or Create an account to join the conversation.
We are using the last version of QuickOPC (5.3).
Thank you,
Regards
Please Log in or Create an account to join the conversation.
Do you have access to the server side? Can you check whether there isn't something on the server, waiting e.g. for user input?
I am asking this question because (similarly to clients), some servers behave in this way - the first time they are presented with a client application certificate, and it cannot be found or validated they show a dialog box, prompting the user to confirm whether the certificate should be accepted. This can block the server side.
Please indicate whether you are using QuickOPC version 5.23 or 5.31. Based on this, I will check whether we can enable some additional diagnostics.
Please Log in or Create an account to join the conversation.
we reply below, point over point
1. Yes, we always got this error (read has never succeeded); as information, a "read node" operation on test program "UA Sample Client" return a result in less than 4 sec;
2. Yes, exeption is thrown after exactly 60000 ms (we're using this default timeout)
3. Yes, no popup or messages are shown during the operation (console log stops for long time in the following position
, then returns the error after specified timeout.The server certificate has been accepted for the OPC-UA client session to endpoint URL "opc.tcp://xxx:yyy@DiscoveryServer:4841/" by a fallback method.
Certificate information: [Subject]
CN=MyEndpointServer@MyEndpoint, OU=Development, O=TestServerDomain, L=MyEndpoint, C=DE, DC=MyEndpoint
[Issuer]
CN=MyEndpointServer@MyEndpoint, OU=Development, O=TestServerDomain, L=MyEndpoint, C=DE, DC=MyEndpoint
[Serial Number]
54088E42
[Not Before]
04/09/2014 18:07:14
[Not After]
03/09/2019 18:07:14
[Thumbprint]
CBC95E4FA05B1AA8031B97FFE8D46A9BE22A8CF9
4. Server addresses, passwords and other informations are hidden for privacy as requested by customer. Unfortunately we don't know data, because OPC-UA server is "blinded" and managed completely by our customer.
Finally, we commented UAEndpointDescriptor setting for Username and Password, but program still give the error.
Thank you,
Regards
Please Log in or Create an account to join the conversation.
- Forum
- Discussions
- QuickOPC-UA in .NET
- Connections, Reconnections, Certificates
- EasyUAClient - browsing, user authentication with a certificate, etc.