0
Secure Connection to Ignition OPC-UA
Forum / Questions & Answers
I have been struggling with this for days. While trying to connect an OPC collector session to a locally hosted Ignition gateway OPC-UA server, I get this error in the Ignition logs:
UascServerAsymmetricHandler 11Jun2024 07:14:32 Error installing security token: StatusCode{name=Bad_SecurityChecksFailed, value=0x80130000, quality=bad}
org.eclipse.milo.opcua.stack.core.UaException: no matching endpoint found: transportProfile=TCP_UASC_UABINARY, endpointUrl=opc.tcp://127.0.0.1:62541/, securityPolicy=None, securityMode=None
at org.eclipse.milo.opcua.stack.server.transport.uasc.UascServerAsymmetricHandler.lambda$openSecureChannel$3(UascServerAsymmetricHandler.java:410)
at java.base/java.util.Optional.orElseThrow(Unknown Source)
at org.eclipse.milo.opcua.stack.server.transport.uasc.UascServerAsymmetricHandler.openSecureChannel(UascServerAsymmetricHandler.java:400)
at org.eclipse.milo.opcua.stack.server.transport.uasc.UascServerAsymmetricHandler.lambda$sendOpenSecureChannelResponse$1(UascServerAsymmetricHandler.java:311)
at org.eclipse.milo.opcua.stack.core.channel.SerializationQueue.lambda$encode$0(SerializationQueue.java:59)
at org.eclipse.milo.opcua.stack.core.util.TaskQueue$TaskWrapper.run(TaskQueue.java:273)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.base/java.lang.Thread.run(Unknown Source)
- In the OPC Collector settings, clicking INFO... yields a certificate that looks right.
- I have uploaded that same certificate to the server security tab in Ignition OPC-UA security
- I have installed the Ignition OPC-UA Server certificate into my local computer Trusted Root Certification Authorities (also tried Personal)
- These are my Canary connection settings: I have created a user in the Ignition opcua-module user source for Canary.
- These are the Ignition settings:
1 reply
-
douglas. lawrie Are there any messages in Canary's message log when you try to connect? If the "Use Security" box is checked, it should not try to connect without security.
I would also reach out to IA if you haven't already regarding that error. It seems odd that it's reporting the securityPolicy=none even though it is set to Basic256Sha256.