Online Forums
Technical support is provided through Support Forums below. Anybody can view them; you need to Register/Login to our site (see links in upper right corner) in order to Post questions. You do not have to be a licensed user of our product.
Please read Rules for forum posts before reporting your issue or asking a question. OPC Labs team is actively monitoring the forums, and replies as soon as possible. Various technical information can also be found in our Knowledge Base. For your convenience, we have also assembled a Frequently Asked Questions page.
Do not use the Contact page for technical issues.
- Forum
- Discussions
- QuickOPC-UA in .NET
- Connections, Reconnections, Certificates
- Deadlock involving UAClientEngineBase.Reconnector
Deadlock involving UAClientEngineBase.Reconnector
thank you for the additional information.
I am not answering your question on purpose, because, as you will see from my explanation below, client-side checks have nothing to do with this particular issue.
This error is reported *by the server*. The client cannot ignore it even if it wanted to - the server does not actually open the session.
What has happened is your application is now reusing the client certificate from some previous run with an older version, but it has changed its OPC UA Application Uri (which gets determined automatically unless you want to set is explicitly); the change has occurred because we have changed the default way the OPC UA Application Uri is created.
The recommended solution is to remove the application certificate from the certificate store, which will cause your app to regenerate the certificate - now with the proper Application Uri - and then reestablish the trust on the server side.
The alternative solution would be to keep the old certificate (and no need to reestablish the trust on the server), but set the application URI explicitly in your application code.
Either way you decide, if you need more instructions, let me know and I will guide you through.
Best regards
Please Log in or Create an account to join the conversation.
UA SDK error (Opc.UA.ServiceResult=0x80170000) in 'static Session.Create'. OPC UA service result - {BadCertificateUriInvalid}. The URI specified in the ApplicationDescription does not match the URI in the certificate. BadCertificateUriInvalid
+ Connection attempt #3; last connected at 01/01/0001 00:00:00 (local); unconnected for 00:01:07.0630000.
+ This error can be reported by the OPC-UA server if the client application URI has changed but an old application instance certificate was kept. Try to remove and recreate the application instance certificate.
+ Application URI from the effective application manifest: uri:Laptop-Stijn:Arkite%20Workstation:1
+ Own certificate subject URL name from certificate sub-id "": urn:Laptop-Stijn:Arkite Workstation
+ The client method called (or event/callback invoked) was 'BrowseMultiple[1]'.
What about my other question on disabling the checks all together?
Please Log in or Create an account to join the conversation.
The [...] in the message texts means that there is more information available. Please display the the ErrorMessage (Message) of the operation result or exception instead (currently this is just ToString() or ErrorMessageBrief/GetMessageBrief()), that will give us more information. I cannot reasonably answer your questions without this information. For example, the BadCertificateUriInvalid may (or may not) actually come from the server, and may be complaining about the client certificate.
Regards
Please Log in or Create an account to join the conversation.
UA SDK error (Opc.UA.ServiceResult=0x80170000) in 'static Session.Create'. OPC UA service result - {BadCertificateUriInvalid}. The URI specified in the
ApplicationDescription does not match the URI in the certificate. BadCertificateUriInvalid [...]
The mismatch seems to be there indeed, connecting to "opc.tcp://localhost:49320" does not match the certificate (this worked in version 5.63):
Server certificate:
X509v3 Subject Alternative Name:
URI:urn:Laptop-Stijn:Kepware.KEPServerEX.V6:UA%20Server, DNS:Laptop-Stijn
But connecting to "opc.tcp://Laptop-Stijn:49320" produces this error:
UA SDK error (Opc.UA.ServiceResult=0x808A0000) in 'DiscoveryClient.GetEndpoints'. OPC UA service result - Error establishing a connection: BadNotConnected. [...]
In an attempt to temporarily get around this, I tried below code, but it still doesn't accept the server certificate. What else needs to be set for it to ignore certificates?
var parameters = EasyUAClientCore.SharedParameters.EngineParameters;
var policy = UACertificateAcceptancePolicy.TestingInsecure;
parameters.CertificateAcceptancePolicy = policy;
parameters.HttpsCertificateAcceptancePolicy = policy;
So my questions are:
- How can I get the certificates working again?
- Can I (temporarily) disable certificate checks all together?
Please Log in or Create an account to join the conversation.
Please Log in or Create an account to join the conversation.
I have created a new console project targeting .NET Framework 4.7.2. I have then added following NuGet packages:
- "OpcLabs.QuickOpc" version="5.80.82 (our latest)
- "Lamar" version="8.1.0" (this appears to be the latest Lamar that supports .NET Framework)
I was then able to successfully build the project (no conflict), and it also appears to run. I admitably have not tested further, i.e. cannot tell at the moment if everything works as supposed.
So I do not see any reason why using latest QuickOPC would prevent you from using Lamar under .NET Framework 4.7.2.
The project is attached.
Best regards
Attachments:
Please Log in or Create an account to join the conversation.
My software => QuickOPC => OPCFoundation => Micrsoft.AspNetCore.Server.Kestrel => Microsoft.Extensions.DependencyInjection.Abstractions
My software => Lamar => Microsoft.Extensions.DependencyInjection.Abstractions
QuickOPC demands (via-via) a recent version of Microsoft.Extensions.DependencyInjection.Abstractions, which can only work with a recent version of Lamar (>=7.0). That recent version of Lamar no longer supports .Net framework.
So possible solutions are:
- QuickOPC to have lower (via-via) version restrictions on Microsoft.Extensions.DependencyInjection.Abstractions, so that I can keep on using an old version
- for me to ditch Lamar in favor of another DI implementation
- for me to upgrade to .Net 6-9
Neither is going to happen short-term I believe. I'm now testing with QuickOPC 2022.1, which is the latest one to work with old version of Microsoft.Extensions.DependencyInjection.Abstractions (5.0).
Please Log in or Create an account to join the conversation.
I do not see a dependency of Microsoft.Extensions.DependencyInjection.Abstractions on Lamar. Are you sure you are interpreting the problem right?
Regards
Please Log in or Create an account to join the conversation.
Please Log in or Create an account to join the conversation.
I cannot give opinion to your explanation of the dependency conflict, because while "Micrsoft.AspNetCore.Server.Kestrel" is a concrete NuGet package (although misspelled, it should be "Microsoft.AspNetCore.Server.Kestrel", and Lamar is a concrete NuGet package as well, I suppose this one: www.nuget.org/packages/Lamar , I have no idea what it is you refer to as "MS DI abstraction". I would need the true package names involved in the confllict. Or, does the error message truly refer to "MS DI abstraction"? Can you provide it then in full?
Best regards
Please Log in or Create an account to join the conversation.
- Forum
- Discussions
- QuickOPC-UA in .NET
- Connections, Reconnections, Certificates
- Deadlock involving UAClientEngineBase.Reconnector