OPC CLient Encrypt certificate | OPC ClientProsys Forum | Prosys OPC & OPC UA related discussion

Please consider registering
guest

Forum

OPC Client
sp_ArrowRight

OPC CLient Encrypt certificate

Topic RSS

OPC CLient Encrypt certificate

July 9, 2020
13:46, EEST

mats989

New Member

Members

Forum Posts: 2

Member Since:
July 9, 2020

Offline

Hi everyone,
I try to establish an encrypt connection between Prosys OPC UA Client and Simplex OPC UA Server.
When i configure User Authentication and set “Certificate and private key” the client ask me for 2 files:
I use client certificate .der and private key .pem.
When i click on connect the program return me this error:

The server does not accept this application’s certificate: Error= Bad_certificate invalid (0x80120000)

What’s am i wrong?

July 9, 2020
14:19, EEST

Bjarne Boström

Moderator

Moderators

Forum Posts: 983

Member Since:
April 3, 2012

Offline

Hi,

Multiple things going wrong. This is the forum for the OPC Classing client https://www.prosysopc.com/products/opc-client/. That does not have anything to do with ‘OPC UA’. The only thing ‘Classic OPC’ and ‘OPC UA’ have in common in practice is the 3 letters “OPC” in the name and that’s about it (though there exist converters such as UA Gateway).

The application named “Prosys OPC UA Client” was rewrittend/renamed as “Prosys OPC UA Browser” (https://www.prosysopc.com/products/opc-ua-browser/) and for that the correct forum https://forum.prosysopc.com/forum/opc-ua-client/. Note that all bug fixes etc. are only done on the Browser application. Thus I would recommend you using that one.

Based on your post I would sort of assume you are not very familiar with OPC UA in general. Thus could you doublecheck that you are actually supposed to use certificate in USER authentication? User authentication certificates are completely different concept from the ApplicationInstanceCertificates. That is to say, do NOT use the client’s ApplicationInstanceCertificate as a user-authentication-level-certificate, that is connection level certificate, which is different. ApplicationInstanceCertificates are used to authenticate applications, user authentication comes on top of that (or the Anonymous UserIdentity is used).

July 9, 2020
15:27, EEST

mats989

New Member

Members

Forum Posts: 2

Member Since:
July 9, 2020

Offline

Hi Bjarne,
Yeah yuo’re right. I’m still building my know how on OPC UA. Sorry for wrong section and thanks for your quickly response.
I shortly explain what i’m trying to do:

Scenario 1:
I’ve alredy perform an encrypt connection between OPC UA Client/Server using Simplex SDK. That’s ok!
Simplex give me a tool to generate server certificate .pfx and client certificate (.der and .pem)
I’ve put those file in the right path and everything works ok.

Now i’m trying the following scenario 2:

– OPC UA Server developed in delphi with Simplex SDK and Prosys OPC UA Client.
The server remain the same and only the client change.
When i put the client certificate in section above i’ve got the error.

Thanks in advance.

Wink

July 9, 2020
22:19, EEST

Jouni Aro

Moderator

Moderators

Forum Posts: 1010

Member Since:
December 21, 2011

Offline

Hi Mats,

Thanks for looking for assistance from us for this problem. However, I would suggest asking for assistance from Simplex developers to help you with the interoperability issues related to that.

Or in fact, our suggestion would of course be to use Prosys Sentrol OPC UA & Classic SDK instead, in which case we would be more than happy to help you further with any issues related to your OPC UA development in Delphi. 🙂

Anyways, I would like to suggest to upgrade your OPC UA Client to OPC UA Browser as Bjarne suggested.

OTOH, Bjarne also explained, that you probably don’t want to use user certificates at all, but if you do, you will need to find the reason from the server side, to understand what it expects for them.

All RSS

Forum Timezone: Europe/Helsinki

Most Users Ever Online: 518

Currently Online:
22 Guest(s)

Currently Browsing this Page:
1 Guest(s)