Connecting over HTTPS|OPC UA Implementation: Stacks, Tools, and Samples|Forum|OPC Foundation

Connecting over HTTPS
Dmitry Farberov
Member
Forum Posts: 11
Member Since:
06/30/2014
1
05/11/2020 - 11:39

I'm trying to get a connection between Reference Client and Server (or any sample client/server combo for that matter) using HTTPS endpoints. What I get is the stack trace below. What am I doing wrong? Thanks.

 

EXCEPTION (ServiceResultException)
BadUnknownResponse
SERVICE RESULT (BadUnknownResponse)
STACK TRACE
at Opc.Ua.DiscoveryClient.GetEndpoints(RequestHeader requestHeader, String endpointUrl, StringCollection localeIds, StringCollection profileUris, EndpointDescriptionCollection& endpoints)
at Opc.Ua.DiscoveryClient.GetEndpoints(StringCollection profileUris)
at Opc.Ua.Client.CoreClientUtils.SelectEndpoint(String discoveryUrl, Boolean useSecurity, Int32 operationTimeout)
at Opc.Ua.Client.Controls.ConnectServerCtrl.<Connect>d__66.MoveNext() in D:\Sourcetree\OPC UA\UA-.NETStandard\SampleApplications\Samples\ClientControls.Net4\Common\Client\ConnectServerCtrl.cs:line 290
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
at Opc.Ua.Client.Controls.ConnectServerCtrl.<Server_ConnectMI_Click>d__74.MoveNext() in D:\Sourcetree\OPC UA\UA-.NETStandard\SampleApplications\Samples\ClientControls.Net4\Common\Client\ConnectServerCtrl.cs:line 504

Randy Armstrong
Admin
Forum Posts: 1564
Member Since:
05/30/2017
2
05/12/2020 - 01:51

You will have to debug the client to see what is actually coming back.

That error indicates the response cannot be parsed.

Dmitry Farberov
Member
Forum Posts: 11
Member Since:
06/30/2014
3
05/12/2020 - 08:35

I did. It gets down to HttpsTransportChannel.BeginSendRequest() and PostAsync() errors out with "An error occurred while sending the request". It's as if it doesn't see the server even though it's running and the address is correct. Here's the log:

************************* Logging started at 05/12/2020 11:08:07
5/12/2020 11:08:07.209 Checking application instance certificate.
5/12/2020 11:08:07.226 Checking application instance certificate. CN=Quickstart Reference Client, C=US, S=Arizona, O=OPC Foundation, DC=dfsrv2019
5/12/2020 11:08:21.787 GetEndpoints Called. RequestHandle=1, PendingRequestCount=1
5/12/2020 11:08:24.117 Exception sending HTTPS request: An error occurred while sending the request.
5/12/2020 11:08:24.136 ***EXCEPTION*** BadCommunicationError HttpRequestException An error occurred while sending the request.
5/12/2020 11:08:24.147 Exception reading HTTPS response: An error occurred while sending the request.
5/12/2020 11:08:24.161 ***EXCEPTION*** BadUnknownResponse
5/12/2020 11:08:24.172 GetEndpoints Completed. RequestHandle=1, PendingRequestCount=0, StatusCode=Bad

I also noticed that the string "/discovery" is added to the URL, so I disabled that piece of code just for testing - didn't make a difference.

I was wondering if you had to do anything special to set up HTTPS communications.

Dmitry Farberov
Member
Forum Posts: 11
Member Since:
06/30/2014
4
05/12/2020 - 08:59

Got some more info. Trapped the HttpRequestException. It has two InnerExceptions:

WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.
AuthenticationException: The remote certificate is invalid according to the validation procedure.
 
I'm just running samples straight out of the box - no changes of any kind.

Randy Armstrong
Admin
Forum Posts: 1564
Member Since:
05/30/2017
5
05/13/2020 - 03:59

I have noticed that recent updates to the Windows TLS/SSL secure channel implementation can prevent applications from using TLS certificates that cannot be validated by Windows. This includes having a trusted CA and an online CRL. There may be a way to disable these checks but I have not found it yet.

I have been doing any HTTPS development on a cloud VM with a public domain name and a proper HTTPS certificate. I realize that will not be an option for everyone.

Dmitry Farberov
Member
Forum Posts: 11
Member Since:
06/30/2014
6
05/15/2020 - 12:05

You can do this in the client to get it to work:

                ServicePointManager.ServerCertificateValidationCallback += (sender, certificate, chain, errors) => true;

 

Obviously, you can provide any kind of custom validation you might need. Maybe all OPC UA Clients should have a way to allow the application to supply its own server certificate validation.
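
An added example, not part of the original post or of the UA-.NETStandard code: the callback in the post above accepts every certificate, while this one uses the same `ServicePointManager` hook but tolerates only chain errors (untrusted CA, unreachable CRL) and only for one pinned server certificate. The class name and the thumbprint placeholder are assumptions.

```csharp
using System;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

// Hypothetical helper class; call PinnedServerCertificate.Install() once at client start-up.
static class PinnedServerCertificate
{
    // Placeholder: SHA-256 hash (hex, no separators) of the server's HTTPS certificate,
    // obtained out of band from the server machine. Not a value from the thread.
    private const string PinnedSha256 = "<SHA-256-OF-SERVER-CERTIFICATE-HEX>";

    public static void Install()
    {
        ServicePointManager.ServerCertificateValidationCallback += Validate;
    }

    private static bool Validate(object sender, X509Certificate certificate,
                                 X509Chain chain, SslPolicyErrors errors)
    {
        // A certificate that Windows already validates needs no exception.
        if (errors == SslPolicyErrors.None)
            return true;

        // A missing certificate or a host name mismatch stays fatal;
        // only chain errors are eligible for the pinning exception.
        if ((errors & ~SslPolicyErrors.RemoteCertificateChainErrors) != 0 || certificate == null)
            return false;

        // Accept the chain failure only for the exact certificate that was pinned.
        using (SHA256 sha = SHA256.Create())
        {
            byte[] hash = sha.ComputeHash(certificate.GetRawCertData());
            string actual = BitConverter.ToString(hash).Replace("-", "");
            return string.Equals(actual, PinnedSha256, StringComparison.OrdinalIgnoreCase);
        }
    }
}
```

The callback is process-wide, so it is consulted for every HTTPS request the client makes, not just the OPC UA endpoint.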
