06/22/2023
The .NET client, when restarted, fails to establish the connection. I think it fails to find the certificate which is already trusted in the store. (The certificate is already trusted by the server)
Here are the code screenshots:
Any help with this? Error establishing a connection: Error received from remote host: BadSecurityCheecksFailed
05/30/2017
If it is coming from the Server then the Server needs to be told to trust the Client certificate.
The client then has to trust the Server certificate in separate step.
Code to manage certificates on the client side is here:
09/02/2024
I tried changing the code like that example but it’s still not working.
So let me explain the usecase.
I have a client which creates his own certificate I think through the OPC Nuget code.
It tries to connect to the server with that cert and it get auto rejected, my client immediatly gets a validation error: BadCertificateUntrusted back.
When I manually trust the cert on the server side, my client isn’t getting any feedback from the server about this, I suspected that the same eventhandler would than say something like Cert Trusted.
I did add the e.Accept = true in the eventhandler but that didn’t change anything.
The other problem is when I try to connect again it (the client) recreates a new certificate and not reusing the previous (manual trusted) certification, which I think could also potentially solve the previous issue.
05/30/2017
If the client is creating a new certificate each time there is something wrong with configuration.
i.e. the client configuration does not allow it to find the previously created certificate.
you may need to debug
var certOK = application.CheckApplicationInstanceCertificate(false, 0).Result;
To figure what is wrong in configuration.
09/06/2024
I’m facing the same issue. in some way, when supplying a new CertificateIdentifier with an existing trusted certificate keeps giving errors.
var cert = new X509Certificate2(certificateLocation);
var cid = new CertificateIdentifier(cert);
it keeps creating new instances of the certificate instead of reusing an existing one.
Any progress on the previous replies?
05/30/2017
Certificates are re-created if there is a mismatch between configuration and the certificate.
Set application.DisableCertificateAutoCreation = true;
To stop this from happening.
However, if there is a mismatch you will not have a certificate.
There appear to be a lot of log messages in the code in:
https://github.com/OPCFoundati…..ce.cs#L437
So please turn on logging.
09/02/2024
I tried the disablecertificateautocreation true and indeed it doesn’t do anything now.
But it threw an exception:
[Image Can Not Be Found]
(Added an extra comment because I’m not sure if my pictures are working)
Exception: Opc.Ua.ServiceResultException: There is no cert… with subject… in the configuration.
Please generate a cert for you application,
then copy the new cert to this location:
C:\Skyline DataMiner\Documents\own
But in that directory I have 2 folders (certs and private) with some files but no files in the “own” folder.
[Image Can Not Be Found]
[Image Can Not Be Found]
[Image Can Not Be Found]
Any idea why it would not fine the correct certificate, I tried putting it in the own directory but got the same exception logging.
1 Guest(s)