opc ua - OPC UA Secure Connection C# -
i trying establish secure connection using opcua client wiht beckhoff server. error control certificate not trusted. suggestions on how proceed here?
public bool connect(string url) { // todo implement security // select best endpoint. endpointdescription endpointdescription; try { endpointdescription = clientutils.selectendpoint(url, true); } catch { return false; } endpointdescription.securitypolicyuri = securitypolicies.basic128rsa15; endpointdescription.securitymode = messagesecuritymode.signandencrypt; endpointconfiguration endpointconfiguration = endpointconfiguration.create(appconfig()); configuredendpoint endpoint = new configuredendpoint(null, endpointdescription, endpointconfiguration); m_session = session.create( appconfig(), endpoint, false, false, "experiment", 60000, useridentety, preferredlocales); // set keep alive callback. // todo verbindungsabbrüche behandeln //m_session.keepalive += new keepaliveeventhandler(session_keepalive); return m_session.connected; } error:
2016-07-06 14:34:58.6683|error|control|certificate not trusted. subjectname: cn=tcopcuaserver@192.168.3.222, ou=unit, o=organization, l=locationname, c=de, dc=cx-25c711 issuername: cn=tcopcuaserver@192.168.3.222, ou=unit, o=organization, l=locationname, c=de, dc=cx-25c711 bei opc.ua.certificatevalidator.validate(x509certificate2collection chain) in c:\vipa_opc_netclient\uanet\stack\core\security\certificates\certificatevalidator.cs:zeile 249.bei opc.ua.certificatevalidator.validate(x509certificate2 certificate) in c:\vipa_opc_netclient\ua-net\stack\core\security\certificates\certificatevalidator.cs:zeile 161. bei opc.ua.client.session.open(string sessionname, uint32 sessiontimeout, iuseridentity identity, ilist`1 preferredlocales) in c:\opc_netclient\ua-net\sampleapplications\samplelibraries\client\session.cs:zeile 1980. bei opc.ua.client.session.create(applicationconfiguration configuration, configuredendpoint endpoint, boolean updatebeforeconnect, boolean checkdomain, string sessionname, uint32 sessiontimeout, iuseridentity identity, ilist`1 preferredlocales) in c:\opc_netclient\ua-net\sampleapplications\samplelibraries\client\session.cs:zeile 818. bei performancetest.experiment.connect(string url) in c:\opc_netclient\performancetest\experiment.cs:zeile 210. bei performancetest.mainform.runexperiment() in c:\opc_netclient\performancetest\mainform.cs:zeile 148. 2016-07-06 14:34:58.6683|error|control|certificate not trusted. subjectname: cn=tcopcuaserver@192.168.3.222, ou=unit, o=organization, l=locationname, c=de, dc=cx-25c711 issuername: cn=tcopcuaserver@192.168.3.222, ou=unit, o=organization, l=locationname, c=de, dc=cx-25c711 bei opc.ua.certificatevalidator.internalvalidate(x509certificate2collection certificates) in c:\vipa_opc_netclient\ua-net\stack\core\security\certificates\certificatevalidator.cs:zeile 755. bei opc.ua.certificatevalidator.validate(x509certificate2collection chain) in c:\vipa_opc_netclient\ua-net\stack\core\security\certificates\certificatevalidator.cs:zeile 189. 2016-07-06 14:34:58.6933|error|control|der objektverweis wurde nicht auf eine objektinstanz festgelegt. bei performancetest.experiment.disconnect() in c:\opc_netclient\performancetest\experiment.cs:zeile 254. bei performancetest.mainform.runexperiment() in c:\opc_netclient\performancetest\mainform.cs:zeile 168. 2016-07-06 14:34:58.6933|info|control|done running experiment
the validation of certificate failling, because cn on certificate not trusted server.i suppose generated certificate yourself, maybe tcopcuaserver@192.168.3.222 not considered valid server.i don´t know how beckhoff server works, should ask developer on subject.
also issuername , subjectname shouldn´t equal.
a tool check data in certificate keystore-explorer
bit latte sorry, hope helps.
Comments
Post a Comment