Hi Thomas, I've had a play over the weekend and managed to get a simple client working using an alternative library which successfully connects to the server by creating a certificate (which needs to be added to the server's trusted certs folder).

I'm pushing the limit of my C# ability but I can email it you if any use as an alterative to LIBUA.

Thanks,

Adam

Thanks for the update Thomas.

This is the first time I have looked in to certificate generation so I dont think I'll have anything to offer above what you have tried.

I'll keep checking in on here and the LibUA forum to see if there are any updates.

Thanks,

Adam

Hi, did you receive anything useful from the LibUA community regarding the certificate issues?

Thanks,

Adam

Many thanks. I also found a link to the ua configuration tool but it seems it doesn't support the current sha256 security standard, possibly the reason it was removed.

Some additional detail which may help:

The demo server used is from Unified Automation ( the ANSI C version). The server settings file is used to modify the security policies.

The test client used was UA Expert, also from Unified Automation. This works successfully with the demo server for various security policies.

Opcua_interface only connects successfully to the demo server when the server security policy is 'none' (i.e. with no certificate requirement). 

thanks,

Adam

Hi All,

I'm having similar issues connecting to OPC servers when using security (tested successfully with other clients using SignandEncrypt and Basic256Sha256)

The error is: Error in creating session [BadSecurityPolicyRejected]. 

In the documention, the instruction is to use ua-configuration-tool to create a client certificate. This software is no longer supported by opclabs. I have tried to create a certificate using openssl but without success.

What I would like to understand better:

• What eactly should the Application Name, URN and URI be? Is this the name of the unity project? Is it the name of the built .exe file? Does it matter if it matches the CN of the certificate?
• In OPCUA_Interface.cs, the security mode and policy is set as 'none' (openRes = client.OpenSecureChannel(MessageSecurityMode.None, SecurityPolicy.None, null);) is this correct?? Should they be set to match the server security policy i.e. Basic256Sha256??

Any advice would be appreciated.

thanks,

Adam