+1
Under review

OPCUA Interface - Error in activating session

Ernesto 7 months ago in OPCUA4Unity updated by Support 2 months ago 30

Dear all,

I'm having problems to connect to a remote OPC UA server using the OPCUA Interface Component.

I followed the "Connection troubleshouting" guidelines provided in "/game4automation/Documentation/opcua.html".

Configuring the OPC Server with "No security certificates and passwords" I could connect OPC Watch with the server (see Image):


Image 576


However, when I tried connecting through the Unity OPCUA Interface:


Image 577


I get the following error message:

OPCUA Interface - Error in activating session [BadUnknownResponse]
UnityEngine.Debug:LogError (object)
game4automation.OPCUA_Interface:Connect () (at Assets/game4automation/private/Interfaces/OPCUA4Unity/OPCUA_Interface.cs:179)
game4automation.OPCUA_Interface:EditorImportNodes () (at Assets/game4automation/private/Interfaces/OPCUA4Unity/OPCUA_Interface.cs:246)
game4automation.OPCUAInterfaceEditor:OnInspectorGUI () (at Assets/game4automation/private/Interfaces/OPCUA4Unity/private/Editor/OPCUAInterfaceEditor.cs:20)
UnityEngine.GUIUtility:ProcessEvent (int,intptr,bool&)


As it can be seen in the last image, I'm using Unity 2021.3.2f1 Editor with Game4Automation Digital Twin Professional 2020.


Any idea of what I'm missing?


Thank you in advanced.

Answer

Answer

Hi, I checked. I found an issue with reconnection, that is why I am attaching here a new script. This will be included in next release.

OPCUA_Interface.cs

The disconnect problem and the PLCOutputBool can't be reproduced here on my computer with Simit.

I tried to communicate locally (localhost) with the same result.

The server I'm using is:

https://www.kepware.com/en-us/products/kepserverex/version-6/

Update: Looking at the comments in https://forum.game4automation.com/en/communities/1/topics/356-error-in-opening-secure-channel-badencodinglimitsexceeded, I downloaded a previous version of the game4Automation in  https://game4automation.com/download/customers/, concretely the 2019 one.


This version works perfectly, and I can read/write OPCUA nodes in Unity (tested in Unity 2021.3.2f1 editor). However, it would be good to work with the latest game4automation library.  

Under review

I am sorry for the problems. If you have problems you could downgrad to the OPCUA solution in our Version 2020.13 and before. But there were reasons for chaning to the new version. Mainly because of open source, pure .Net, Andoid, IOS and Hololens compatiblity. The new library is based on 

https://github.com/nauful/LibUA/.  But there are still issues and we are going to improve it in future.

Ok. Thanks for the comment. I will work with the previous version until the issues are fixed.

Planned

What kind of OCUA Server are you using. Is there any possiblity that we test and debug with the same server?

请尽快解决这个问题,我使用 ABBIRC5OPCUAserver

Any update? I cannot connect to kepserverex yet. Could you please indicate me a tested OPCUA server compatible with Siemens PLC? Perhaps Siemens OPCUA server?

Thank you in advance!

+2
Completed

Hi Erenesto,

I am sending you an email with a new code for OPCUA_Interface.cs. Please replace yours with this new code and I hope connection will work.

Changes will be included in upcoming 2021 release.

i have the same problem,may you send the new code to me?thanks. my email:  maokeuncle@163.com

Thank you for your help!


I did replace the OPCUA_Interface.cs file but, unfortunately, I'm not getting connection.

In the following image you can see the error I'm getting.


Am I missing something? 


Thank you again for the help.

Kind regards,

Hallo together,

i do have nearly the same problems. In my case the connection is working without authentication. But if I want to connect via Username and password, to have writing capability on the OPC-UA server, i get the following error message:

I'm using the newes Version "realvirtual-Professional-2021.03". Is there a chance to connect to my OPC-UA Server? OPC-Watch works perfectly fine with authentication an writing variables.

Thanks for your support!

Under review

This seems to be a bug related to certificates or / and User Login. Is there any chance that we can test / debug with your OPCUA server?

Yes, we can meet up in a Teams meeting. That would be great.
I think we can find a timeslot if you write me an email.

I am (from tomorrow on) for 10 days in vacation. Is there a chance that we can test and debug it on our computers?

It's the Stäubli Robotics Suite with CS9 Emulator. I can't send you the whole project. But will prepard a project with some test variables, as soon as possible, to send it to you. 

Hi!


I said by email, the last update of the OPCUA_Interface component is running fine when the communication is established remotely, I mean, when the server is on one PC and the Client is on another PC, for example.

However, when I tried to run the server and the Unity client on the same PC, I get that the host cannot be resolved:

No matter if I try to connect using the localhost endpoint or other available endpoint.

Any idea of what I'm missing?

Thank you in advance.

Hi All,

I'm having similar issues connecting to OPC servers when using security (tested successfully with other clients using SignandEncrypt and Basic256Sha256)

The error is: Error in creating session [BadSecurityPolicyRejected]. 

In the documention, the instruction is to use ua-configuration-tool to create a client certificate. This software is no longer supported by opclabs. I have tried to create a certificate using openssl but without success.

What I would like to understand better:

  • What eactly should the Application Name, URN and URI be? Is this the name of the unity project? Is it the name of the built .exe file? Does it matter if it matches the CN of the certificate?
  • In OPCUA_Interface.cs, the security mode and policy is set as 'none' (openRes = client.OpenSecureChannel(MessageSecurityMode.None, SecurityPolicy.None, null);) is this correct?? Should they be set to match the server security policy i.e. Basic256Sha256??

Any advice would be appreciated.

thanks,


Adam

HI Adam,

oh thanks - did not know that the ua-configuration-tool is not available on that link any more. I found a working download here:

https://kb.opclabs.com/Tool_Downloads


For answering your question I would need to do a deep dive on this topic on Monday next week.

Many thanks. I also found a link to the ua configuration tool but it seems it doesn't support the current sha256 security standard, possibly the reason it was removed.

Some additional detail which may help:

The demo server used is from Unified Automation ( the ANSI C version). The server settings file is used to modify the security policies.

The test client used was UA Expert, also from Unified Automation. This works successfully with the demo server for various security policies.

Opcua_interface only connects successfully to the demo server when the server security policy is 'none' (i.e. with no certificate requirement). 


thanks,

Adam

Hi Adam,

the certificate implementation is for sure not working. I extended our code and created a certificate with OpenSSL. But still I am not able to connect to our KepServerEX test server. I get the error  "Incomplete private key - missing CRT".

I am not sure if there is something wrong with my openssl generated certificates or it is still an impementation issue. I will post this issue to the LibUA forum, which is the basis Library we are using.


If you would like I could also send you our current status. But as I said with my certificates it is still not working.

Hi, did you receive anything useful from the LibUA community regarding the certificate issues?

Thanks,

Adam

I changed some things in our code - it's certain that the certificates didn't work after switching to LibUA- but I still have the problem to generate a working certificate. See the posts here:
https://github.com/nauful/LibUA/issues/94

So for now, I don't have a solution. If you want, you can test it yourself and I'll give you the beta version where I still get the missing CRT message.


Best regards

Thomas 

Thanks for the update Thomas.

This is the first time I have looked in to certificate generation so I dont think I'll have anything to offer above what you have tried.

I'll keep checking in on here and the LibUA forum to see if there are any updates.

Thanks,

Adam

Hi Thomas, I've had a play over the weekend and managed to get a simple client working using an alternative library which successfully connects to the server by creating a certificate (which needs to be added to the server's trusted certs folder).

I'm pushing the limit of my C# ability but I can email it you if any use as an alterative to LIBUA.

Thanks,

Adam

Hi Adam, yes please, if you have a solution or know an alternative library, please mail what you can share to info@realvirtual.io. Thanks a lot.

I am currently using realvirtual.io 2021.06.1637. It seems that the problem still exists. Hope it can be solved soon.

With which kind of OPCUA server are you having the problems? I will check with all our test opcua servers on Monday again.

OPC UA based on Matrikon would presents this Error in activating session problem. 

The OPC UA that comes with Simit has another problem:OPCUA Interface will automatically disconnected after 2.5 to 3 minutes of program startup, and  OPCUA Interface-Client Disconnected occurs immediately when recieve a PLC Output Bool signal changed event.

Answer

Hi, I checked. I found an issue with reconnection, that is why I am attaching here a new script. This will be included in next release.

OPCUA_Interface.cs

The disconnect problem and the PLCOutputBool can't be reproduced here on my computer with Simit.