Log In
Register
Topic RSS
12:58, EET
April 9, 2013
Offline
I tried my OPC UA Server with those security Policies
However when I try to valid the first SecureMessage (CreateSession) after the OpenSecureChannel suceeded.
The HMAC SHA256 Verify failed.
With which Server have you tested your client against those Security Policies ?
15:29, EET
December 21, 2011
Offline
There were interoperability issues against the C/.NET servers before Java SDK version 2.1.2, since the specification was different to those implementations. Which version of the SDK are you using?
The change was mentioned in the release notes as well: https://downloads.prosysopc.co…..2-478.html
8:05, EET
April 9, 2013
Offline
Hello,
I am using my own Server based on the 1.02 OPC UA Stack version.
13:55, EET
December 21, 2011
Offline
Sorry for the late response.
A possible reason is that the specification is actually defining a wrong URL for the AsymmetricSignatureAlgorithm, ‘http://www.w3.org/2000/09/xmldsig#rsa-sha256’, whereas all the implementations actually use the correct one, ‘http://www.w3.org/2001/04/xmldsig-more#rsa-sha256’. This was fixed also for the Java stack in version 2.1.2, but the respective change was not taken to the specification version 1.03 either. Hopefully, there will be an errata that fixes it finally. The following Mantis issue can be used to track it:
15:11, EET
April 9, 2013
Offline
I don’t know.
Anyway, my Server is working with the latest UAExpert v1.4.0 which supports Basic256Sha256.
I will wait for the Prosys OPC UA Client to be support it as well.
Regards.
Camille Guérin.
16:10, EET
April 3, 2012
Offline
It technically supported it for a while now, but it is not visible in the UI because servers didn’t support it. Will show in the newest build (2.2.0-35). Will be shortly the release version.
8:15, EET
April 9, 2013
Offline
My Server supports Basic256Sha256 and it works with the latest UAExpert client (which supports it as well)
However it does not work with Prosys OPC UA Client, the CreateSecureChannelRequest with Basic256Sha256 is not well signed, I guess it used the wrong algorithmus.
12:52, EET
December 21, 2011
Offline
I discussed this with Unified Automation and heard that there were interoperability issues with the OPC Foundation stack implementations in last week’s Interoperability Workshop – and these issues were fixed in the OPC Foundation stacks.
Our Java and Unified Automation implementations should be interoperable.
But which stack implementation are you using? OPC Foundation’s .NET or C and which version?
