Avatar

Please consider registering
guest

sp_LogInOut Log In sp_Registration Register

Register | Lost password?
Advanced Search

— Forum Scope —




— Match —





— Forum Options —





Minimum search word length is 3 characters - maximum search word length is 84 characters

sp_Feed Topic RSS sp_TopicIcon
OPC CLient Encrypt certificate
July 9, 2020
13:46, EEST
Avatar
mats989
New Member
Members
Forum Posts: 2
Member Since:
July 9, 2020
sp_UserOfflineSmall Offline

Hi everyone,
I try to establish an encrypt connection between Prosys OPC UA Client and Simplex OPC UA Server.
When i configure User Authentication and set “Certificate and private key” the client ask me for 2 files:
I use client certificate .der and private key .pem.
When i click on connect the program return me this error:

The server does not accept this application’s certificate: Error= Bad_certificate invalid (0x80120000)

What’s am i wrong?

July 9, 2020
14:19, EEST
Avatar
Bjarne Boström
Moderator
Moderators
Forum Posts: 545
Member Since:
April 3, 2012
sp_UserOfflineSmall Offline

Hi,

Multiple things going wrong. This is the forum for the OPC Classing client https://www.prosysopc.com/products/opc-client/. That does not have anything to do with ‘OPC UA’. The only thing ‘Classic OPC’ and ‘OPC UA’ have in common in practice is the 3 letters “OPC” in the name and that’s about it (though there exist converters such as UA Gateway).

The application named “Prosys OPC UA Client” was rewrittend/renamed as “Prosys OPC UA Browser” (https://www.prosysopc.com/products/opc-ua-browser/) and for that the correct forum https://forum.prosysopc.com/forum/opc-ua-client/. Note that all bug fixes etc. are only done on the Browser application. Thus I would recommend you using that one.

Based on your post I would sort of assume you are not very familiar with OPC UA in general. Thus could you doublecheck that you are actually supposed to use certificate in USER authentication? User authentication certificates are completely different concept from the ApplicationInstanceCertificates. That is to say, do NOT use the client’s ApplicationInstanceCertificate as a user-authentication-level-certificate, that is connection level certificate, which is different. ApplicationInstanceCertificates are used to authenticate applications, user authentication comes on top of that (or the Anonymous UserIdentity is used).

July 9, 2020
15:27, EEST
Avatar
mats989
New Member
Members
Forum Posts: 2
Member Since:
July 9, 2020
sp_UserOfflineSmall Offline

Hi Bjarne,
Yeah yuo’re right. I’m still building my know how on OPC UA. Sorry for wrong section and thanks for your quickly response.
I shortly explain what i’m trying to do:

Scenario 1:
I’ve alredy perform an encrypt connection between OPC UA Client/Server using Simplex SDK. That’s ok!
Simplex give me a tool to generate server certificate .pfx and client certificate (.der and .pem)
I’ve put those file in the right path and everything works ok.

Now i’m trying the following scenario 2:

– OPC UA Server developed in delphi with Simplex SDK and Prosys OPC UA Client.
The server remain the same and only the client change.
When i put the client certificate in section above i’ve got the error.

Thanks in advance.

Wink

July 9, 2020
22:19, EEST
Avatar
Jouni Aro
Moderator
Moderators
Forum Posts: 851
Member Since:
December 21, 2011
sp_UserOfflineSmall Offline

Hi Mats,

Thanks for looking for assistance from us for this problem. However, I would suggest asking for assistance from Simplex developers to help you with the interoperability issues related to that.

Or in fact, our suggestion would of course be to use Prosys Sentrol OPC UA & Classic SDK instead, in which case we would be more than happy to help you further with any issues related to your OPC UA development in Delphi. 🙂

Anyways, I would like to suggest to upgrade your OPC UA Client to OPC UA Browser as Bjarne suggested.

OTOH, Bjarne also explained, that you probably don’t want to use user certificates at all, but if you do, you will need to find the reason from the server side, to understand what it expects for them.

Forum Timezone: Europe/Helsinki

Most Users Ever Online: 267

Currently Online:
7 Guest(s)

Currently Browsing this Page:
1 Guest(s)

Top Posters:

hbrackel: 103

pramanj: 86

ibrahim: 70

kapsl: 57

gjevremovic: 49

TimK: 41

Fransua33: 39

fred: 38

Rainer Versteeg: 32

Thomas Reuther: 31

Member Stats:

Guest Posters: 0

Members: 1105

Moderators: 14

Admins: 1

Forum Stats:

Groups: 3

Forums: 15

Topics: 1009

Posts: 4268

Newest Members:

user1290, gregp, mariohetheringto, normagalindo47, aurelia27u, isobel41d356980, michaeldegli, gqbdolores, kez1399, jaclynmcvay358

Moderators: Jouni Aro: 851, Otso Palonen: 32, Tuomas Hiltunen: 5, janimakela: 0, Pyry: 1, Terho: 0, Petri: 0, Bjarne Boström: 545, Heikki Tahvanainen: 402, Jukka Asikainen: 1, Teppo Uimonen: 20, Markus Johansson: 19, Matti Siponen: 53, Lusetti: 0

Administrators: admin: 0