Avatar

Please consider registering
guest

sp_LogInOut Log In sp_Registration Register

Register | Lost password?
Advanced Search

— Forum Scope —




— Match —





— Forum Options —





Minimum search word length is 3 characters - maximum search word length is 84 characters

sp_Feed Topic RSS sp_TopicIcon
Prosys OPC UA Simulation server 'BadIdentityTokenRejected'
February 6, 2024
12:54, EET
Avatar
AswinPalaniappa
New Member
Members
Forum Posts: 2
Member Since:
February 6, 2024
sp_UserOfflineSmall Offline

Hello there,

I’m currently evaluating Prosys OPC UA Simulation server with encryption. As part of my evaluation, I’m trying to connect the server via Basic256Sha256 policy from Prosys OPC UA Browser. On the first attempt, server rejected the application instance certificate. Then, I changed it to trusted certificate in the UI.

When I attempt to connect again, I get ‘BadIdentityTokenRejected’ error in the browser. Upon reading the documentation, I copied the user certificate into the folder certs under USERS_PKI – ~/.prosysopc/prosys-opc-ua-simulation-server/USERS_PKI/CA/certs/Basic256Sha256.der.

Even after doing this, same issue persists. Could you please help me in fixing this?

Note: I validated the signing algorithm of the certificate which is sha256withRSAencryption.

February 6, 2024
14:31, EET
Avatar
Matti Siponen
Moderator
Members

Moderators
Forum Posts: 311
Member Since:
February 11, 2020
sp_UserOfflineSmall Offline

Hello,

Since you mentioned “user certificate”, I’m assuming you’re trying to connect to Simulation Server while using an User Certificate. If the same certificate file is present in both prosys-opc-ua-simulation-server\USERS_PKI\CA\certs and prosys-opc-ua-simulation-server\USERS_PKI\CA
ejected folder, it will be treated as rejected, so make sure you remove it from the rejected folder before attempting to connect and activate a Session using it.

If you have already made sure that the User Certificate is present only in the prosys-opc-ua-simulation-server\USERS_PKI\CA\certs folder, the certificate must also pass certificate validation checks for Simulation Server to allow activating a Session with it. You might find more information on why the User Certificate didn’t pass the validation checks in simulationserver.log log file available at prosys-opc-ua-simulation-server\log folder.

February 7, 2024
6:05, EET
Avatar
AswinPalaniappa
New Member
Members
Forum Posts: 2
Member Since:
February 6, 2024
sp_UserOfflineSmall Offline

Hello Matti,

Looking at the log has helped me to understand the error better. Key usage was missing in my case,
After fixing that, things are through now.

Thanks for your quick support.

Forum Timezone: Europe/Helsinki

Most Users Ever Online: 518

Currently Online:
17 Guest(s)

Currently Browsing this Page:
1 Guest(s)

Top Posters:

hbrackel: 130

pramanj: 86

Francesco Zambon: 78

rocket science: 75

ibrahim: 75

Sabari: 62

kapsl: 57

gjevremovic: 49

Xavier: 43

fred: 41

Member Stats:

Guest Posters: 0

Members: 731

Moderators: 16

Admins: 1

Forum Stats:

Groups: 3

Forums: 15

Topics: 1450

Posts: 6201

Newest Members:

jadadibdin6, DiianaZof, antoniettakarn, Tor, Arktistync, floybateson9, inilarythikibia, celinamcguire5, helenblodo

Moderators: Jouni Aro: 1007, Otso Palonen: 32, Tuomas Hiltunen: 5, Pyry: 1, Petri: 0, Bjarne Boström: 970, Heikki Tahvanainen: 402, Jukka Asikainen: 1, moldzh08: 0, Jimmy Ni: 26, Teppo Uimonen: 21, Markus Johansson: 42, Niklas Nurminen: 0, Matti Siponen: 311, Lusetti: 0, Ari-Pekka Soikkeli: 5

Administrators: admin: 1