Log In
Home
05/25/2023
Offline
I'm trying to connect the sample client to a server that implements user certificate authentication, there are no examples of how to handle user certificates with .der and .pem files.
Through ua expert i can connect but not through my c# .net core application.
Someone can help me? Thank you.
05/25/2023
Offline
Thank you for the fast reply.
I Try to connect but without success, the program return an error message: EndPoint does not support the user identity type provided
05/30/2017
Offline
You need to enable it in the server configuration.
05/25/2023
Offline
Randy Armstrong said
You need to enable it in the server configuration.
Thank you for the reply, but in the server I can't modify the type of connection or security parameters.
With uaexpert I can connect to the opcua server. In the uaexpert connection parameters i put the user .der and the private key .pem file and work fine, authentication type Sign&Encrypt and Basic256Sha256. I've copy the server ca certificate and server certificate and in the server pki i've copy the uaexpert certificate.
When I try to copy this configuration in the UA client sample application not work.
05/30/2017
Offline
The server configuration is here:
https://github.com/OPCFoundati.....Config.xml
You configure the available identity policies with the <UserTokenPolicies> element.
You configure the over all policies with <SecurityPolicies> element.
But I am not sure what your issue is.
Can you connect with security with anonymous credentials?
05/25/2023
Offline
Randy Armstrong said
The server configuration is here:https://github.com/OPCFoundati.....Config.xml
You configure the available identity policies with the element.
You configure the over all policies with element.
But I am not sure what your issue is.
Can you connect with security with anonymous credentials?
No with anonimous wont connect.
I think that the client don't have the type of authentication required by the server, but I don't understand why ua expert can connected correctly with same parameters.
Probably the connect don't return the correct type of authentication required and the ua client sample don't recognize the certificate user authentication type.
I can't see the servers configuration xml because i don't have de access to the opcua server files.
05/30/2017
Offline
The issue is you have to ensure the Server trusts the Client and the Client trusts the Server.
Do you have access to the Server trust list?
05/25/2023
Offline
Randy Armstrong said
The issue is you have to ensure the Server trusts the Client and the Client trusts the Server.Do you have access to the Server trust list?
Yes I keep the der server certificate and put it in app data/local/ opcua foundation/ pki / trusted
And put the ua client .der certificate into server pki / trusted
I keep also the server ca issuers into client issuer cert and crl
Now I doubt about the path location of pki ua sample client but i think was correct path on my local machine.
05/30/2017
Offline
You need to enable the server log and find the error in the log file.
05/25/2023
Offline
Thank you for the help.
I resolved the problem.
The certificate is in the correct folder the problem is that for c# class i need the .pem file and not the .key file but i convert the .key file into another format to pass in c# class
2 Guest(s)
Usage Policy