Professional OPC
Development Tools

logos

Online Forums

Technical support is provided through Support Forums below. Anybody can view them; you need to Register/Login to our site (see links in upper right corner) in order to Post questions. You do not have to be a licensed user of our product.

Please read Rules for forum posts before reporting your issue or asking a question. OPC Labs team is actively monitoring the forums, and replies as soon as possible. Various technical information can also be found in our Knowledge Base. For your convenience, we have also assembled a Frequently Asked Questions page.

Do not use the Contact page for technical issues.

Guidance Needed on Connecting to OPC Server with SecurityPolicy using BrowseFrom

More
06 Sep 2023 08:48 #12067 by support
Hello.

I do not not know what you mean by "registered nodes". "Registered nodes" is a term in OPC UA, but it means something that I am 100% sure is not what you want (reference.opcfoundation.org/Core/Part4/v104/docs/5.8.5 ).

In general, the browsing is very flexible service, with many configurable parameters. The main things it depends on is 1) The starting node you specify, 2) the ndoe classes you want to return, and 3) the types of references to follow. OPC UA Expert, by default, shows "everything". In QuickOPC, you can also do that; or, you have variuos method overloads that return commonly used subsets.

One difference I know about is that UA Expert starts at "root", while you have specified ObjectsFolder as the starting node. Second, you are probably calling some method borrowed from an example which I do not know what it has inside, from its name (BrowseDataNodes.BrowseFrom), I can guess that it limits the results to just nodes that have to do with data access (we have such methods, too).

The bottom line is
- you can influence the browsing in many ways,
- if you explain what you want to achieve, I can then give the guidance on how to do it.

Next time, please create a separate forum thread with proper title (and possibly link to a related thread), because now we are working on an issue that is not at all related to "Guidance Needed on Connecting to OPC Server with SecurityPolicy ...".


Best regards

Please Log in or Create an account to join the conversation.

More
06 Sep 2023 06:37 #12065 by yong
Hello,
After specifying the OPC UA server using an IP address instead of localhost, I can retrieve the nodes properly. Thank you!
I have another question.
It seems that the node structure retrieved by UAExpert and QuickOPC is different. Is this expected? I'm trying to retrieve registered nodes, but they don't seem to be visible.



Best Regards,
Attachments:

Please Log in or Create an account to join the conversation.

More
06 Sep 2023 06:13 #12064 by support
Hello.
I am not sure if I understand your questions, so if I get it wrong, please ask again.

1. Are you asking whether it is "right" that no special coding coding is needed in QuickOPC application for it? The answer is yes, it is by design. All security policies and all message security modes are allowed by default. You can change it (restrict it) explicitly - but you do not have to. Note that for this kind of connection (Signed) to work, there will have to be client certificate (which QuickOPC creates automatically - again, unless configured differently), and the server will have to be configured to accept that certificate, and the QuickOPC client will have to be configured to accept the server certificate (by properly placing it in certificate stores), so in fact there *is* some configuration needed (but it can be outside the program, not something that is coded in).

2. If the question is whether you can somehow work around the problem you are observing: No. "opc.tcp://::1:4841/hahaha/" is wrong, and the server needs to be fixed or reconfigured. See e.g. en.wikipedia.org/wiki/URL#:~:text=A%20typical%20URL%20could%20have,name%20(%20index.html%20). which says "A host subcomponent, consisting of either a registered name (including but not limited to a hostname) or an IP address. IPv4 addresses must be in dot-decimal notation, and IPv6 addresses must be enclosed in brackets ([])" (although Wikipedia is not an authoritative source on URL syntax, I believe the answer is correct).

Best regards

Please Log in or Create an account to join the conversation.

More
06 Sep 2023 06:05 #12063 by yong
I have two more questions:

1. Internally, is it correct that the source code handles SecurityPolicy (e.g., Basic256Sha256) and MessageSecurityMode (e.g., Sign) automatically without explicit configuration?
2. Is there a specific way to handle the opc.tcp://::1:4841/hahaha/ part using the QuickOPC library?

Best Regards,

Please Log in or Create an account to join the conversation.

More
06 Sep 2023 05:30 #12062 by support
Hello.

As far as I can tell, the problem is on the server side. It returns the Endpoint URL as "opc.tcp://::1:4841/hahaha/", but it should be "opc.tcp://[::1]:4841/hahaha/".
I understand that it works in UA Expert, and I will check to see whether we cannot be more "forgiving" too. But for .NET Uri class, "opc.tcp://::1:4841/hahaha/" is an invalid URI.

Best regards

Please Log in or Create an account to join the conversation.

More
06 Sep 2023 00:31 #12061 by yong
To elaborate, I currently have an OPC UA server.
The OPC UA server is using the Security Policy: Basic256Sha256, and the Message Security Mode: Sign.
I can successfully connect to servers with the general Security Policy, Message Security Mode: None.
However, I'm unable to connect to servers where the Security Policy and Message Security Mode have been set (although connection works fine with UAExpert).
I believe there might be additional configurations needed in the source code, but I'm finding it difficult to locate the relevant information in the manual or online forums.

To answer your questions:
1. I am using QuickOPC version 5.70.1053.
2. I am using .NET6.
3 & 4. I will provide the complete log for reference.


Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware: Error: An unhandled exception has occurred while executing the request.


OpcLabs.EasyOpc.UA.OperationModel.UAException: An OPC-UA operation failure with error ID 'OpcLabs.UAEngine=4403' occurred, originating from '' and with depth of 1. The inner exception, of type "OpcLabs.EasyOpc.UA.Engine.UAEngineException", contains details about the problem.
---> OpcLabs.EasyOpc.UA.Engine.UAEngineException: Cannot preselect the best (or any) endpoint for OPC-UA client session. No suitable endpoint has been found. The server returned 1 endpoint(s).
There are several configurable settings that influence which endpoints are eligible for selection, such as the endpoint selection policy, and also parameters that influence how thorough checks of the information returned by the server are made. You may need to change the endpoint selection policy, or the additional parameters, in order to be able to connect. If you are unsure about what is causing all endpoints to be rejected, analyze the log entries generated by the component.
Candidate selection report follows.
[0:NotEligible(EndpointUrl("opc.tcp://::1:4841/hahaha/", NotAllowed(Scheme)))].
+ Connection attempt #1; last connected at 0001-01-01 오전 12:00:00 (local); unconnected for 00:00:00.
+ The client method called (or event/callback invoked) was 'BrowseMultiple[1]'.
--- End of inner exception stack trace ---
at OpcLabs.EasyOpc.UA.IEasyUAClientExtension.Browse(IEasyUAClient client, UABrowseArguments browseArguments)
at OpcLabs.EasyOpc.UA.IEasyUAClientExtension.Browse(IEasyUAClient client, UAEndpointDescriptor endpointDescriptor, UANodeDescriptor nodeDescriptor, UABrowseParameters browseParameters)
at OpcLabs.EasyOpc.UA.IEasyUAClientExtension.BrowseDataNodes(IEasyUAClient client, UAEndpointDescriptor endpointDescriptor, UANodeDescriptor nodeDescriptor)
at OPCUAWebRESTAgent.OPC.BrowseDataNodes.BrowseFromNode(EasyUAClient client, UAEndpointDescriptor endpointDescriptor, UANodeDescriptor parentNodeDescriptor) in C:\dev\work\opc\workspaces\OPCUAAgent\OPCUAWebRESTAgent\OPCUAWebRESTAgent\OPC\BrowseDataNodes.cs:line 63
at OPCUAWebAgent.Controllers.EndpointRESTController.GetNodeChildren(Int32 id, String endpointId, String parentNodeDescriptor) in C:\dev\work\opc\workspaces\OPCUAAgent\OPCUAWebRESTAgent\OPCUAWebRESTAgent\Controllers\EndpointRESTController.cs:line 169
at lambda_method163(Closure , Object , Object[] )
at Microsoft.AspNetCore.Mvc.Infrastructure.ActionMethodExecutor.SyncObjectResultExecutor.Execute(IActionResultTypeMapper mapper, ObjectMethodExecutor executor, Object controller, Object[] arguments)
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.InvokeActionMethodAsync()
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.InvokeNextActionFilterAsync()
--- End of stack trace from previous location ---
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Rethrow(ActionExecutedContextSealed context)
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.InvokeInnerFilterAsync()
--- End of stack trace from previous location ---
at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeNextResourceFilter>g__Awaited|25_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Rethrow(ResourceExecutedContextSealed context)
at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.InvokeFilterPipelineAsync()
--- End of stack trace from previous location ---
at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeAsync>g__Awaited|17_0(ResourceInvoker invoker, Task task, IDisposable scope)
at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeAsync>g__Awaited|17_0(ResourceInvoker invoker, Task task, IDisposable scope)
at Microsoft.AspNetCore.Routing.EndpointMiddleware.<Invoke>g__AwaitRequestTask|6_0(Endpoint endpoint, Task requestTask, ILogger logger)
at Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.Invoke(HttpContext context)
at Swashbuckle.AspNetCore.SwaggerUI.SwaggerUIMiddleware.Invoke(HttpContext httpContext)
at Swashbuckle.AspNetCore.Swagger.SwaggerMiddleware.Invoke(HttpContext httpContext, ISwaggerProvider swaggerProvider)
at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context)

Please Log in or Create an account to join the conversation.

More
04 Sep 2023 10:06 #12060 by support
Hello.

I need following information:

1. Which QuickOPC version are you using?

2. Is your project targeting .NET Framework (4.7/4.8), or .NET Core/.NET 6/7?

3. The error message text is not complete. The provided part is the middle of it. What is at the beginning?

4. The error message text is not complete. The provided part is the middle of it. What is at the end?

Best regards

Please Log in or Create an account to join the conversation.

More
04 Sep 2023 07:26 #12059 by yong
Hello. Could you please guide me on how to connect to or read from an OPC UA server with a securityPolicy(ex:Basic256Sha256) applied?
Specifically, I'd appreciate it if you could explain how to retrieve data using the BrowseFromNode method.
With the existing source code, I can fetch data and node information well from servers without a securityPolicy applied.

Source code:
var client = new EasyUAClient();
...
if (parentNodeDescriptor != null) nodeElementCollection = BrowseDataNodes.BrowseFromNode(client, endpoint.URI, nodeDescriptor);
else nodeElementCollection = BrowseDataNodes.BrowseFromNode(client, endpoint.URI, UAObjectIds.ObjectsFolder);

ERROR: "There are several configurable settings that influence which endpoints are eligible for selection, such as the endpoint selection policy, and also parameters that influence how thorough checks of the information returned by the server are made. You may need to change the endpoint selection policy, or the additional parameters, in order to be able to connect. If you are unsure about what is causing all endpoints to be rejected, analyze the log entries generated by the component.
Candidate selection report follows."

Best Regards

Please Log in or Create an account to join the conversation.

Moderators: support
Time to create page: 0.078 seconds