15:46, EET
January 24, 2022
I’m trying to connect my Android application to a OPC server. I’m using a PKI file which I have verified that I can connect using that file through dataFEED OPC UA Client by Softing. I’m able to connect using anonymous and username/password but certificate is giving me issues.
Getting the following error:
com.prosysopc.ua.client.ConnectException: Failed to create secure channel to server: : opc.tcp://10.249.xx.xx:4840 [http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256,Sign] ServiceResult=Bad_ConnectionClosed (0x80AE0000) “The network connection has been closed.”
Caused by: com.prosysopc.ua.stack.common.ServiceResultException: Bad_ConnectionClosed (code=0x80AE0000, description=”Connection closed (graceful)”)
Caused by: java.io.EOFException
0x80AE0000 = “BasConnectionClosed” which is just a generic error that doesn’t tell me what the problem is.
Any ideas on what could be causing this?
ApplicationDescription description = new ApplicationDescription();
description.setApplicationName(new LocalizedText(appName + “@localhost”));
description.setApplicationType(ApplicationType.Client);
File pfx = new File(“” + “dataFEEDOpcUaClient.pfx”);
ApplicationIdentity identity = ApplicationIdentity.loadOrCreateCertificate(description, “dataFEEDOpcUaClient”, “”, pfx, true);
identity.setApplicationDescription(description);
identity.setOrganisation(appName);
connect(address, identity, 60000, mode, objectNodeName, rtu, null, null)
.subscribe(emitter::onComplete, emitter::onError);
private Completable connect(String serverAddress, ApplicationIdentity identity, long timeout, SecurityMode mode, String objectNodeName, String rtu, String userName, String password) {
connected = true;
return Completable.create(emitter -> {
if (!clients.containsKey(objectNodeName) || clients.get(objectNodeName) == null) {
clients.put(objectNodeName, new RTUClient(updateInterval, objectNodeName, listener, nodeDao));
}
RTUClient client = clients.get(objectNodeName);
if (!client.getClient().isConnected()) {
client.getClient().setAddress(serverAddress);
client.getClient().setApplicationIdentity(identity);
client.getClient().setTimeout(timeout);
client.getClient().addServerStatusListener(new RTUServerStatusListener());
client.getClient().setSecurityMode(mode);
if (userName != null && password != null) {
client.getClient().setUserIdentity(new UserIdentity(userName, password));
}
try {
client.getClient().connect();
collectVariableNodes(objectNodeName, rtu, client).subscribe(emitter::onComplete);
} catch (Exception e) {
emitter.tryOnError(e);
}
}
}).subscribeOn(Schedulers.io())
.doOnComplete(() -> System.out.printf(LogMessages.CONNECTION_SUCCESS, TAG, rtu, objectNodeName))
.doOnError(error -> System.out.printf(LogMessages.CONNECTION_ERROR, TAG, rtu, objectNodeName, error.getLocalizedMessage()));
}
16:18, EET
April 3, 2012
Hi,
I cannot know what your “RTUClient” class does. Does it just hold the UaClient in a field or does it something special?
Please try first run the SampleConsoleClient pretty much “as is” and check differences to your code.
I believe there was some issues with private key passwords on Android, if you have one, please try without, if that is an option for you.
Also, normally we have used .der format for public keys and .pem for private keys, you could try converting. Though, in general you should not use the keys of another client, but create own keys per client (it looks a lot like you try to use the “dataFEED OPC UA Client by Softing” keys).
15:08, EET
January 24, 2022
“RTUClient” is just a helper class doing some over the overhead.
I have tried running SampleConsoleClient and at first I was getting the same error. I was able to make some adjustments and after adding the .der file to the OPC server so that the connection can be trusted I’m getting this error:
com.prosysopc.ua.SessionActivationException: Failed to initialize User Identity Token: Bad_IdentityTokenRejected (code=0x80210000, description=”Anonymous UserTokenType is not supported”) ServiceResult=Bad_IdentityTokenRejected (0x80210000) “The user identity token is valid but the server has rejected it.”
Caused by: com.prosysopc.ua.stack.common.ServiceResultException: Bad_IdentityTokenRejected (code=0x80210000, description=”Anonymous UserTokenType is not supported”)
The server supports the following user tokens:
Certificate
15:23, EET
Moderators
February 11, 2020
Hello,
Since the description for the ServiceResultException is “Anonymous UserTokenType is not supported”, it would imply that the Server doesn’t support connecting with anonymously. Were you attempting to connect with Anonymous UserTokenType?
To use a certificate as a UserIdentity, you will need to construct a UserIdentity instance using either new UserIdentity(Cert certificate, PrivKey privateKey) or new UserIdentity(File certificateFile, File privateKeyFile, String privateKeyPassword) and then have your UaClient to use it with UaClient.setUserIdentity(UserIdentity userIdentity). Note, that it is up to the Server whether or not it accepts the certificate.
13:59, EET
January 24, 2022
You’re correct, the problem was with the way I was using UserIdentity. I was able to get SampleConsoleClient .java to connect using a certificate. I then tried to migrate it into my Android application but I’m now getting the same error as before:
com.prosysopc.ua.client.ConnectException: Failed to create secure channel to server: : opc.tcp://10.249.xx.xx:4840 [http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256,Sign] ServiceResult=Bad_ConnectionClosed (0x80AE0000) “The network connection has been closed.
I’m not sure why, the code base is exactly the same its just being compiled on Android. Other types of authentication (anonymous and username/password) still work.
I have attached my two SampleConsoleClient (renamed to be CertConnection) in this GitHub repo. The ‘Script’ directory is the SampleConsoleClient that I modified and it works fine. The other directory is the SampleConsoleClient that worked that I slightly modified to work in Android but I get the above error message.
https://github.com/yaron-e/opcUA
Thank you for helping!
11:04, EEST
Moderators
February 11, 2020
Hello,
We don’t debug code posted at this forum for errors.
If the code is working elsewhere but not on Android, it could be that BouncyCastle libraries are used on Android instead of the correct SpongyCastle libraries. In addition to the libraries in the “lib” folder of the SDK distribution, libraries in the “lib-android” folder of the SDK distribution must be used when working on Android. Let the libraries from “lib-android” folder overwrite the libraries from “lib” folder in your project.
If using the correct libraries doesn’t solve the issue, can you provide a full stack trace that lead to com.prosysopc.ua.client.ConnectException?
Most Users Ever Online: 1919
Currently Online:
9 Guest(s)
Currently Browsing this Page:
1 Guest(s)
Top Posters:
Heikki Tahvanainen: 402
hbrackel: 144
rocket science: 88
pramanj: 86
Francesco Zambon: 83
Ibrahim: 78
Sabari: 62
kapsl: 57
gjevremovic: 49
Xavier: 43
Member Stats:
Guest Posters: 0
Members: 728
Moderators: 7
Admins: 1
Forum Stats:
Groups: 3
Forums: 15
Topics: 1529
Posts: 6471
Newest Members:
ellis87832073466, zkxwilliemae, gabriellabachus, Deakin, KTP25Zof, Wojciech Kubala, efrennowell431, wilfredostuart, caitlynfajardo, jeromechubb7Moderators: Jouni Aro: 1026, Pyry: 1, Petri: 0, Bjarne Boström: 1032, Jimmy Ni: 26, Matti Siponen: 349, Lusetti: 0
Administrators: admin: 1