Avatar

Please consider registering
guest

sp_LogInOut Log In sp_Registration Register

Register | Lost password?
sp_Search Search
Advanced Search
Advanced Search

— Forum Scope —




— Match —





— Forum Options —





Minimum search word length is 3 characters - maximum search word length is 84 characters

sp_Search Search
Go to Bottom
No permission to create posts
sp_Feed Topic RSS sp_TopicIcon
Prosys OPC UA Simulation server 'BadIdentityTokenRejected'
February 6, 2024
12:54, EET
Avatar
AswinPalaniappa
New Member
Members
Forum Posts: 2
Member Since:
February 6, 2024
sp_UserOfflineSmall Offline
Go to Top
1sp_Permalink sp_Print

Hello there,

I’m currently evaluating Prosys OPC UA Simulation server with encryption. As part of my evaluation, I’m trying to connect the server via Basic256Sha256 policy from Prosys OPC UA Browser. On the first attempt, server rejected the application instance certificate. Then, I changed it to trusted certificate in the UI.

When I attempt to connect again, I get ‘BadIdentityTokenRejected’ error in the browser. Upon reading the documentation, I copied the user certificate into the folder certs under USERS_PKI – ~/.prosysopc/prosys-opc-ua-simulation-server/USERS_PKI/CA/certs/Basic256Sha256.der.

Even after doing this, same issue persists. Could you please help me in fixing this?

Note: I validated the signing algorithm of the certificate which is sha256withRSAencryption.

February 6, 2024
14:31, EET
Avatar
Matti Siponen
Moderator
Members

Moderators
Forum Posts: 321
Member Since:
February 11, 2020
sp_UserOfflineSmall Offline
Go to Top
2sp_Permalink sp_Print

Hello,

Since you mentioned “user certificate”, I’m assuming you’re trying to connect to Simulation Server while using an User Certificate. If the same certificate file is present in both prosys-opc-ua-simulation-server\USERS_PKI\CA\certs and prosys-opc-ua-simulation-server\USERS_PKI\CA
ejected folder, it will be treated as rejected, so make sure you remove it from the rejected folder before attempting to connect and activate a Session using it.

If you have already made sure that the User Certificate is present only in the prosys-opc-ua-simulation-server\USERS_PKI\CA\certs folder, the certificate must also pass certificate validation checks for Simulation Server to allow activating a Session with it. You might find more information on why the User Certificate didn’t pass the validation checks in simulationserver.log log file available at prosys-opc-ua-simulation-server\log folder.

February 7, 2024
6:05, EET
Avatar
AswinPalaniappa
New Member
Members
Forum Posts: 2
Member Since:
February 6, 2024
sp_UserOfflineSmall Offline
Go to Top
3sp_Permalink sp_Print

Hello Matti,

Looking at the log has helped me to understand the error better. Key usage was missing in my case,
After fixing that, things are through now.

Thanks for your quick support.

No permission to create posts
sp_Feed All RSS
Go to top
Forum Timezone: Europe/Helsinki

Most Users Ever Online: 518

Currently Online:
9 Guest(s)

Currently Browsing this Page:
1 Guest(s)

Top Posters:

hbrackel: 135

pramanj: 86

Francesco Zambon: 81

rocket science: 77

Ibrahim: 76

Sabari: 62

kapsl: 57

gjevremovic: 49

Xavier: 43

TimK: 41

Member Stats:

Guest Posters: 0

Members: 682

Moderators: 16

Admins: 1

Forum Stats:

Groups: 3

Forums: 15

Topics: 1467

Posts: 6261

Newest Members:

digitechroshni, LouieWreve, Kickbiche, karrimacvitie5, graciela2073, sagarchau, elviralangwell4, Donnavek, Eddiefauth, DonaldPooma

Moderators: Jouni Aro: 1010, Otso Palonen: 32, Tuomas Hiltunen: 5, Pyry: 1, Petri: 0, Bjarne Boström: 983, Heikki Tahvanainen: 402, Jukka Asikainen: 1, moldzh08: 0, Jimmy Ni: 26, Teppo Uimonen: 21, Markus Johansson: 42, Niklas Nurminen: 0, Matti Siponen: 321, Lusetti: 0, Ari-Pekka Soikkeli: 5

Administrators: admin: 1