Avatar

Please consider registering
guest

sp_LogInOut Log In sp_Registration Register

Register | Lost password?
Advanced Search

— Forum Scope —




— Match —





— Forum Options —





Minimum search word length is 3 characters - maximum search word length is 84 characters

sp_Feed Topic RSS sp_TopicIcon
milo connecting to prosys opcserver with certificate
September 28, 2020
23:19, EEST
Avatar
user1290
New Member
Members
Forum Posts: 1
Member Since:
September 28, 2020
sp_UserOfflineSmall Offline

1. i generated a selfsigned certificate/private key in DER format
2. placed certificate file to
/home/user/.prosysopc/prosys-opc-ua-simulation-server/USERS_PKI/CA/certs
/home/user/.prosysopc/prosys-opc-ua-simulation-server/PKI/CA/certs
3. checked that certificate for my user is trusted in certificates tab of prosys server
4. tried to connect to prosys using params:
endpoint with certificate for user/application – one which i generated on step 1
message security level – MessageSecurityMode = Sign
user = UserTokenType = certificate

5. received general error like

23:18:49.976 [milo-netty-event-loop-4] DEBUG org.eclipse.milo.opcua.stack.client.transport.http.OpcHttpTransport – channelCreated(): [id: 0x6b0b3ba9]
23:18:49.977 [milo-netty-event-loop-4] DEBUG org.eclipse.milo.opcua.stack.client.transport.http.OpcHttpTransport – channelAcquired(): [id: 0x6b0b3ba9, L:/127.0.0.1:46828 – R:pc120/127.0.0.1:53443]
23:18:50.079 [milo-netty-event-loop-4] DEBUG org.eclipse.milo.opcua.stack.client.transport.http.OpcClientHttpCodec – encoding: CreateSessionRequest(requestHeader=RequestHeader(authenticationToken=NodeId{ns=0, id=0}, timestamp=DateTime{utcTime=132457979299730000, javaDate=Mon Sep 28 23:18:49 MSK 2020}, requestHandle=0, returnDiagnostics=0, auditEntryId=null, timeoutHint=5000, additionalHeader=null), clientDescription=ApplicationDescription(applicationUri=urn:xxx:client, productUri=client product uri not configured, applicationName=LocalizedText{text=qubicon opc-ua client, locale=en}, applicationType=Client, gatewayServerUri=null, discoveryProfileUri=null, discoveryUrls=null), serverUri=null, endpointUrl=opc.https://pc120:53443/OPCUA/SimulationServer, sessionName=UaSession:qubicon opc-ua client:1601324329973, clientNonce=ByteString{bytes=[-107, , 105]}, clientCertificate=ByteString{bytes=[48, -126,,115]}, requestedSessionTimeout=120000.0, maxResponseMessageSize=0)
23:18:50.082 [milo-netty-event-loop-4] DEBUG io.netty.handler.ssl.util.InsecureTrustManagerFactory – Accepting a server certificate: CN=pc120
23:18:50.099 [milo-netty-event-loop-4] DEBUG io.netty.handler.ssl.SslHandler – [id: 0x6b0b3ba9, L:/127.0.0.1:46828 – R:pc120/127.0.0.1:53443] HANDSHAKEN: protocol:TLSv1.2 cipher suite:TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
23:18:50.104 [milo-netty-event-loop-4] DEBUG org.eclipse.milo.opcua.stack.client.transport.http.OpcHttpTransport – channelReleased(): [id: 0x6b0b3ba9, L:/127.0.0.1:46828 – R:pc120/127.0.0.1:53443]
23:18:50.104 [milo-shared-thread-pool-0] DEBUG org.eclipse.milo.opcua.stack.client.UaStackClient – Received ServiceFault request=CreateSessionRequest requestHandle=0, result=StatusCode{name=Bad_InternalError, value=0x80020000, quality=bad}
23:18:50.153 [milo-shared-thread-pool-0] DEBUG org.eclipse.milo.opcua.sdk.client.SessionFsm – [0] CreateSession failed: UaServiceFaultException: status=Bad_InternalError, message=An internal error occurred as a result of a programming or configuration error.

6. looked at prosys logs at /home/user/.prosysopc/prosys-opc-ua-simulation-server/log/simulationserver.log

09/28/2020 23:18:49.977 INFO [I/O dispatcher 416] com.prosysopc.ua.stack.transport.b.c [] – connected: [/fe80:0:0:0:28ee:79ff:fe26:9ff3%vethbf2a719:53443, /0:0:0:0:0:0:0:1%lo:53443, /127.0.0.1:53443, /fe80:0:0:0:a423:31ff:fead:e833%vethe811ffc:53443, /fe80:0:0:0:a81a:e1ff:feed:2b68%vethdcafd63:53443, /192.168.220.1:53443, /fe80:0:0:0:3c4b:94ff:fecd:3bd4%veth503b270:53443, /192.168.100.4:53443, /172.22.0.1:53443, /172.23.0.1:53443, /172.17.0.1:53443, /fe80:0:0:0:14ec:6ff:fe82:a0d9%vethfeea0b1:53443, /172.18.0.1:53443, /172.19.0.1:53443, /fe80:0:0:0:489a:63ff:fef7:4a8%vethab3ba47:53443, /fe80:0:0:0:3026:b3ff:fe8d:a6c9%vethd62ce93:53443, /fe80:0:0:0:42:efff:fea2:be9c%docker_gwbridge:53443, /fe80:0:0:0:4449:d5f9:b766:69d1%enp4s0:53443, /192.168.100.241:53443, /172.27.0.1:53443, /fe80:0:0:0:5061:68ff:fee0:215b%veth55d5c29:53443] /127.0.0.1 /127.0.0.1 context=[ioSession=127.0.0.1:53443127.0.0.1:46828[ACTIVE][r:][ACTIVE][r][NOT_HANDSHAKING][0][0][0]] socketTimeout=0
09/28/2020 23:18:50.100 INFO [I/O dispatcher 416] com.prosysopc.ua.stack.transport.b.e [] – HttpsServerEndpointHandler.handle(): singleSecureChannel.setConnection(127.0.0.1:53443127.0.0.1:46828)
09/28/2020 23:18:50.101 ERROR [I/O dispatcher 416] com.prosysopc.ua.stack.cert.c [] – error while validating certificates
java.lang.NullPointerException: null
at com.prosysopc.ua.stack.cert.c.a(SourceFile:126) [ui-javafx-5.0.2-242.jar:5.0.2-242]
at com.prosysopc.ua.UaApplication.a(SourceFile:399) [ui-javafx-5.0.2-242.jar:5.0.2-242]
at com.prosysopc.ua.server.aq.a(SourceFile:145) [ui-javafx-5.0.2-242.jar:5.0.2-242]
at com.prosysopc.ua.server.aq$1.onCreateSession(SourceFile:605) [ui-javafx-5.0.2-242.jar:5.0.2-242]
at com.prosysopc.ua.server.ab.h(SourceFile:521) [ui-javafx-5.0.2-242.jar:5.0.2-242]
at com.prosysopc.ua.server.ab.a(SourceFile:855) [ui-javafx-5.0.2-242.jar:5.0.2-242]
at com.prosysopc.ua.server.af.onCreateSession(SourceFile:136) [ui-javafx-5.0.2-242.jar:5.0.2-242]
at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:?]
at jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:?]
at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:?]
at java.lang.reflect.Method.invoke(Method.java:566) ~[?:?]
at com.prosysopc.ua.stack.a.h$1.c(SourceFile:114) [ui-javafx-5.0.2-242.jar:5.0.2-242]
at com.prosysopc.ua.stack.a.h.c(SourceFile:235) [ui-javafx-5.0.2-242.jar:5.0.2-242]
at com.prosysopc.ua.stack.transport.b.e.a(SourceFile:202) [ui-javafx-5.0.2-242.jar:5.0.2-242]
at com.prosysopc.ua.stack.transport.b.e.a(SourceFile:177) [ui-javafx-5.0.2-242.jar:5.0.2-242]
at com.prosysopc.ua.stack.transport.b.i.run(SourceFile:215) [ui-javafx-5.0.2-242.jar:5.0.2-242]
at com.prosysopc.ua.stack.transport.b.e.a(SourceFile:130) [ui-javafx-5.0.2-242.jar:5.0.2-242]
at com.prosysopc.ua.stack.transport.b.e.handle(SourceFile:48) [ui-javafx-5.0.2-242.jar:5.0.2-242]

September 29, 2020
8:24, EEST
Avatar
Matti Siponen
Moderator
Members

Moderators
Forum Posts: 319
Member Since:
February 11, 2020
sp_UserOfflineSmall Offline

Hello,

In your log Simulation Server is throwing a Null Pointer Exception while checking your certificate’s Key Usage extension, which would suggest your certificate is missing this extension. Application Instance Certificates and CA certificates are required to have this extension. See https://reference.opcfoundation.org/v104/Core/docs/Part6/6.2.2/ and https://tools.ietf.org/html/rfc5280#section-4.2.1.3 for more information on the topic.

Forum Timezone: Europe/Helsinki

Most Users Ever Online: 518

Currently Online:
20 Guest(s)

Currently Browsing this Page:
1 Guest(s)

Top Posters:

hbrackel: 135

pramanj: 86

Francesco Zambon: 81

ibrahim: 75

rocket science: 75

Sabari: 62

kapsl: 57

gjevremovic: 49

Xavier: 43

fred: 41

Member Stats:

Guest Posters: 0

Members: 707

Moderators: 16

Admins: 1

Forum Stats:

Groups: 3

Forums: 15

Topics: 1465

Posts: 6252

Newest Members:

christi10l, ahamad1, Flores Frederick, ellenmoss, harriettscherer, shanonhumphreys, KupimotoblokfuB, tamhollander5, paulinafcf, bridgette18l

Moderators: Jouni Aro: 1009, Otso Palonen: 32, Tuomas Hiltunen: 5, Pyry: 1, Petri: 0, Bjarne Boström: 982, Heikki Tahvanainen: 402, Jukka Asikainen: 1, moldzh08: 0, Jimmy Ni: 26, Teppo Uimonen: 21, Markus Johansson: 42, Niklas Nurminen: 0, Matti Siponen: 319, Lusetti: 0, Ari-Pekka Soikkeli: 5

Administrators: admin: 1