Log In
Register
Topic RSS
13:42, EEST
August 20, 2014
Offline
Hello,
when i connect to the OPC UA Server created with the Java SDK 2.1.0-436, with UaExpert, i get the following message:
“SubjectAltName is missing – this extension is mandatory according to the UA specification”.
Where can i set this “SubjectAltName”?
Thanks.
14:18, EEST
April 3, 2012
Offline
Hi,
Subject Alternative Name is a field in the application certificate. Most likely the server uses the certificate created by the SDK, therefore it is automatically resolved from ApplicationDescription’s applicationUri property when creating the certificate. See the initialize method of SampleConsoleServer (should be around line 530) for example.
– Bjarne
14:34, EEST
August 20, 2014
Offline
Hi,
i have the lines, that set the applicationDescription in my server. Could it be something else?
15:17, EEST
April 3, 2012
Offline
Not sure, sounds weird. Can you check the certificate (at least windows has a certificate viewer, not sure about other OS) and does it contain that field? Also which version of UaExpert you have? Does this issue happen when connecting to the SampleConsoleServer?
6:55, EEST
August 20, 2014
Offline
Hi,
i’m using Ubuntu 14.04. There is a certificate viewer too. I looked at the certificate of the sampleConsoleServer and found the alternative Name. Then i checked the certificate of my Server and that field was missing. My Version of UaExpert is: 1.3.0 201.
7:46, EEST
April 3, 2012
Offline
If it exist in the sample server and not in yours, we can at least rule out any UaExpert problems. So there must be a difference somewhere between the sample server and yours.
7:23, EEST
August 20, 2014
Offline
Hi,
i updated the Java SDK to 2.2.0-552 and the UaStack to 1.02.337.4. But i still have the same problem. i even replaced my initialization of the server with the one from the sample server, and still: SubjectAltName is missing in the certificate.
Hope anyone has an idea.
8:53, EEST
December 21, 2011
Offline
Can you connect with security using the Prosys OPC UA Client or with the SampleConsoleClient included in the SDK?
10:01, EEST
August 20, 2014
Offline
Hi,
i changed my Server to “SecurityMode.ALL”. When i connect to this server with sampleConsoleClient i get “Bad_SecurityChecksFailed” (security mode: sign).
Then i copied the certificate of the server into th directory “PKI/CA/certs/” of the client. But i still get the same Exception.
10:27, EEST
August 20, 2014
Offline
I found out one interesting thing: My Server creates two certificates in directory “PKI/CA/private/”. One ends with “*.der” and the other one with “*_https.der”. The One which ends with “*_https.der” has the “SubjectAltName” field.
