Online Forums

Technical support is provided through Support Forums below. Anybody can view them; you need to Register/Login to our site (see links in upper right corner) in order to Post questions. You do not have to be a licensed user of our product.

Please read Rules for forum posts before reporting your issue or asking a question. OPC Labs team is actively monitoring the forums, and replies as soon as possible. Various technical information can also be found in our Knowledge Base. For your convenience, we have also assembled a Frequently Asked Questions page.

Do not use the Contact page for technical issues.

The OPC-UA engine failed to connect to the underlying subsystems.

chrhardt
Topic Author
Offline
Senior Member

More

05 Apr 2020 19:19 #8354 by chrhardt

Replied by chrhardt on topic The OPC-UA engine failed to connect to the underlying subsystems.

Hello,

it works with the self-generated certificates.

Thank you for your help.
Best regards

Please Log in or Create an account to join the conversation.

support
Offline
Moderator

More

05 Apr 2020 09:41 #8353 by support

Replied by support on topic The OPC-UA engine failed to connect to the underlying subsystems.

Hello.
Roughly, the steps should be as follows:

1. Locate the Opc.Ua.CertificateGenerator.exe. You are already using Opc.Ua.ConfigurationTool.exe, it should be alongside it (for those who do not have the UA configuration tool: it can be downloaded from kb.opclabs.com/Tool_Downloads ).

2. Run following command:

Code:

Opc.Ua.CertificateGenerator.exe -storePath "C:\ProgramData\OPC Foundation\CertificateStores\MachineDefault" -applicationName TestOPC_UA

The store path should match the path from log entry Information(162).
The application name should match the ApplicationName from log entry Information(161).
Other parameters might be given to the certificate generator tool, use it with "/?" to obtain help.

3. Optionally (recommended), copy your certificate (that is, the one without private key) from "C:\ProgramData\OPC Foundation\CertificateStores\MachineDefault\certs" to "C:\ProgramData\OPC Foundation\CertificateStores\UA Applications\certs" . UA applications on the same computer that use the same certificate store will then automatically trust this client.

4. Run your application again.

Best regards

Please Log in or Create an account to join the conversation.

chrhardt
Topic Author
Offline
Senior Member

More

04 Apr 2020 22:22 #8352 by chrhardt

Replied by chrhardt on topic The OPC-UA engine failed to connect to the underlying subsystems.

1. Testing the Delphi examples was the first thing I did, both with the same error messages (Could not create a certificate via a proxy).

2. I installed QuickOPC on a virtual machine with a fresh Windows installation (I used the production installer). The results were the same for both the Delphi examples and my test program.

3. I tried two of the applications in the Demo-NET folder (EasyOpcUADemo and UALiveBindingDemo), both work well. Both certificates are listed in the Opc.Ua.ConfigurationTool.

Looks like generating the certificates by myself is the only way to make this work for me. Can you give me an example how to use the UA certificate generator correctly?
What do I have to consider in the program to be able to use the self-generated certificate?

Thank you for your help.
Best regards

Attachments:

Please Log in or Create an account to join the conversation.

support
Offline
Moderator

More

04 Apr 2020 13:45 #8351 by support

Replied by support on topic The OPC-UA engine failed to connect to the underlying subsystems.

You are not doing anything wrong. This has to do with creation of the UA application certificate for the client, and is a problematic area, further compounded by the use from COM tools (Delphi).

There is an almost guaranteed way to get around this - but somewhat complicated - so I do not suggest to use it as first option. Basically, you would need to use the UA certificate generator utility to generate the certificate and store into certificate store, and then instruct QuickOPC to use that certificate (by its name). Some related info: opclabs.doc-that.com/files/onlinedocs/QuickOpc/Latest/User%2...%20Instance%20Certificate.html .

But let's try to figure out what went wrong here. I have some questions.
1. What happens if you build and run some of the Delphi examples provided with the product? The UADocExamples project, or the EasyOpcUADemo?
2. Have you tried that on some other computer, and if so, what was the result?
3. What about the applications that ship with QuickOPC - let's say Connectivity Explorer? Does it work OK for connections to UA servers?

Thank you

Please Log in or Create an account to join the conversation.

chrhardt
Topic Author
Offline
Senior Member

More

03 Apr 2020 21:02 #8350 by chrhardt

Replied by chrhardt on topic The OPC-UA engine failed to connect to the underlying subsystems.

Hello,

I already tried to run as Administrator, with the same result.

This is the test program that I wrote. An empty form with only one button to start the connect and a memo field for the logs. (Large parts of it are from the QuickOPC User's Guide and Reference)

Code:

unit unitTestOPCUA;

interface

uses
  Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
  Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, System.Win.ComObj,
  OpcLabs_EasyOpcUA_TLB, OpcLabs_BaseLib_TLB;

type
  TClientConfigurationEventHandlers103 = class
    procedure OnLogEntry(
      ASender: TObject;
      sender: OleVariant;
      const eventArgs: _LogEntryEventArgs);
  end;

  TForm3 = class(TForm)
    Button1: TButton;
    Memo1: TMemo;
    procedure Button1Click(Sender: TObject);
    procedure FormCreate(Sender: TObject);
  private
  public
  end;

var
  Form3: TForm3;
  Log: TMemo;

implementation

{$R *.dfm}

procedure TForm3.Button1Click(Sender: TObject);
var
  Client: OpcLabs_EasyOpcUA_TLB._EasyUAClient;
  ClientConfiguration: TEasyUAClientConfiguration;
  ClientConfigurationEventHandlers: TClientConfigurationEventHandlers103;
  Value: OleVariant;
begin
  Memo1.Lines.Append('Start Connect');

  ClientConfiguration := TEasyUAClientConfiguration.Create(nil);
  ClientConfigurationEventHandlers := TClientConfigurationEventHandlers103.Create;
  ClientConfiguration.OnLogEntry := ClientConfigurationEventHandlers.OnLogEntry;
  ClientConfiguration.Connect;

  try
    // Do something - invoke an OPC read, to trigger some loggable entries.
    Client := CoEasyUAClient.Create;

    try
      Value := Client.ReadValue(
        'http://opcua.demo-this.com:51211/UA/SampleServer',
        'nsu=http://test.org/UA/Data/;i=10853');
    except
      on E: EOleException do
      begin
        Memo1.Lines.Append(Format('*** Failure: %s', [E.GetBaseException.Message]));
      end;
    end;

  finally
    FreeAndNil(ClientConfiguration);
    FreeAndNil(ClientConfigurationEventHandlers);
  end;

  Memo1.Lines.Append('Finish');
end;

procedure TClientConfigurationEventHandlers103.OnLogEntry(
  ASender: TObject;
  sender: OleVariant;
  const eventArgs: _LogEntryEventArgs);
begin
  Log.Lines.Append(eventArgs.ToString);
end;

procedure TForm3.FormCreate(Sender: TObject);
begin
  Log := Memo1;
end;

end.

and this is the complete log:

Code:

Start Connect
Information(111): OPC-UA engine application info 'Time' -> UtcNow: 04/03/2020 20:44:57, Now: 04/03/2020 22:44:57, TickCount: 1813953.
Information(111): OPC-UA engine application info 'Debugger' -> IsAttached: False.
Information(111): OPC-UA engine application info 'AssemblyAttributes' -> AssemblyConfiguration: "Release".
Information(111): OPC-UA engine application info 'ExecutingAssembly' -> FullName: "OpcLabs.BaseLib, Version=5.57.125.1, Culture=neutral, PublicKeyToken=6faddca41dacb409", Location: "C:\Program Files (x86)\OPC Labs QuickOPC 2020.1\Assemblies\net47\OpcLabs.BaseLib.dll", GlobalAssemblyCache: False.
Information(111): OPC-UA engine application info 'AppDomain' -> Id: 1.
Information(111): OPC-UA engine application info 'SystemAssembly' -> FullName: "mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089", Location: "C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorlib.dll", GlobalAssemblyCache: True.
Information(111): OPC-UA engine application info 'Clr' -> ClrVersion: "4.0.30319.42000", PtrSize: 4.
Information(111): OPC-UA engine application info 'Process' -> Is64BitProcess: False, CurrentDirectory: "D:\Projekte\OPCTest\Win32\Debug", Id: 11032.
Information(111): OPC-UA engine application info 'User' -> Name: "-----------", DomainName: "----------", Interactive: True.
Information(111): OPC-UA engine application info 'OSConfiguration' -> MachineName: "SCRATCHY2", SystemPageSize: 4096.
Information(111): OPC-UA engine application info 'OperatingSystem' -> VersionString: "Microsoft Windows NT 6.2.9200.0".
Information(111): OPC-UA engine application info 'Environment' -> Is64BitOperatingSystem: True, SystemDirectory: "C:\WINDOWS\system32".
Information(111): OPC-UA engine application info 'Computer' -> ProcessorCount: 8.
Information(101): The OPC-UA engine is connecting to the underlying subsystems.
Information(132): OPC-UA engine SDK configuration successfully provided by "OpcLabs.EasyOpc.UA.Toolkit.ClientServer.InternalSdkConfigurationProvider".
Information(161): The OPC-UA engine has determined the client instance certificate parameters as listed below.
SubjectName: TestOPC_UA
StorePath: %CommonApplicationData%\OPC Foundation\CertificateStores\MachineDefault
ApplicationName: TestOPC_UA
ApplicationUri: urn:Scratchy2::1.0.0.0

Information(162): The OPC-UA engine will resolve the client instance certificate parameters directory store path to "C:\ProgramData\OPC Foundation\CertificateStores\MachineDefault".
Information(1201): Licensing for EasyUAClient component started, license serial number 1111111120, issuer name "OPC Labs", subject name "*".
Information(144): The OPC-UA engine has determined the application configuration parameters as listed below. 
ProductUri: urn:literal:string:TestOPC_UA
Information(13): External information from "InteractionProviderCompositor" (0,1): Newly selected interaction handler is 'WindowsForms'.
Information(106): The OPC-UA engine failed at tick 1816531 and will retry in 600000 milliseconds.
Error(102): The OPC-UA engine failed to connect to the underlying subsystems.
  OPC-UA service result - Could not create a certificate via a proxy: Der Vorgang wurde erfolgreich beendet = Bad.
---- SERVICE RESULT ----
Status Code: {Bad} = 0x80000000 (2147483648)

+ The SDK action called was "ApplicationInstance.CheckApplicationInstanceCertificate".
+ Following (4) events were gathered during the action on activity ID [10], in the order of first occurrence:
  SDK trace: Checking application instance certificate.
  SDK trace: Creating application instance certificate. KeySize=0, Lifetime=600
  SDK trace: Deleting application instance certificate.
  Exception: {System.ComponentModel.Win32Exception} Der Vorgang wurde erfolgreich beendet
+ The error occurred while creating or checking the (client) application instance certificate. Check event log entries for errors and warnings.
+ The certificate generator path was "D:\Projekte\OPCTest\Win32\Debug\Opc.Ua.CertificateGenerator.exe".
+ This is an engine-level error..
Information(101): The OPC-UA engine is connecting to the underlying subsystems.
Information(132): OPC-UA engine SDK configuration successfully provided by "OpcLabs.EasyOpc.UA.Toolkit.ClientServer.InternalSdkConfigurationProvider".
Information(161): The OPC-UA engine has determined the client instance certificate parameters as listed below.
SubjectName: TestOPC_UA
StorePath: %CommonApplicationData%\OPC Foundation\CertificateStores\MachineDefault
ApplicationName: TestOPC_UA
ApplicationUri: urn:Scratchy2::1.0.0.0

Information(162): The OPC-UA engine will resolve the client instance certificate parameters directory store path to "C:\ProgramData\OPC Foundation\CertificateStores\MachineDefault".
Information(144): The OPC-UA engine has determined the application configuration parameters as listed below. 
ProductUri: urn:literal:string:TestOPC_UA
Information(106): The OPC-UA engine failed at tick 1818406 and will retry in 600000 milliseconds.
*** Failure: OPC-UA service result - Could not create a certificate via a proxy: Der Vorgang wurde erfolgreich beendet = Bad.
---- SERVICE RESULT ----
Status Code: {Bad} = 0x80000000 (2147483648)

+ The SDK action called was "ApplicationInstance.CheckApplicationInstanceCertificate".
+ Following (4) events were gathered during the action on activity ID [11], in the order of first occurrence:
  SDK trace: Checking application instance certificate.
  SDK trace: Creating application instance certificate. KeySize=0, Lifetime=600
  SDK trace: Deleting application instance certificate.
  Exception: {System.ComponentModel.Win32Exception} Der Vorgang wurde erfolgreich beendet
+ The error occurred while creating or checking the (client) application instance certificate. Check event log entries for errors and warnings.
+ The certificate generator path was "D:\Projekte\OPCTest\Win32\Debug\Opc.Ua.CertificateGenerator.exe".
+ This is an engine-level error.
+ The client method called was 'ReadMultiple'
Finish

Best regards

Please Log in or Create an account to join the conversation.

support
Offline
Moderator

More

03 Apr 2020 17:34 #8349 by support

Replied by support on topic The OPC-UA engine failed to connect to the underlying subsystems.

Hello,
there can be multiple reasons for this.

Can you first try to run the application with elevated privileges ("Run as Administrator" command?).

Note: The event preceding the error in the log ("Information(106)...") relates to the same problem, it is not another error (although the way it gets logged is somewhat confusing in that respect, I agree).

Best regards

Please Log in or Create an account to join the conversation.

chrhardt
Topic Author
Offline
Senior Member

More

03 Apr 2020 14:40 #8348 by chrhardt

The OPC-UA engine failed to connect to the underlying subsystems. was created by chrhardt

Hello,

I'm relatively new to OPC UA. I tried the OPC UA demo for Delphi (EasyOpcUADemo) with Delphi XE8. (using the latest version QuickOPC 2020.1)
When I try to connect to an OPC UA server I get the following error:

OPC-UA service result - Could not create a certificate via a proxy: Der Vorgang wurde erfolgreich beendet = Bad.
---- SERVICE RESULT ----
Status Code: {Bad} = 0x80000000 (2147483648)

I wrote a simple test program to get some logentries. Another error appears before the error shown above.

Code:

Information(13): External information from "InteractionProviderCompositor" (0,1): Newly selected interaction handler is 'WindowsForms'.
Information(106): The OPC-UA engine failed at tick 13134109 and will retry in 600000 milliseconds.
Error(102): The OPC-UA engine failed to connect to the underlying subsystems.
  OPC-UA service result - Could not create a certificate via a proxy: Der Vorgang wurde erfolgreich beendet = Bad.
---- SERVICE RESULT ----
Status Code: {Bad} = 0x80000000 (2147483648)

+ The SDK action called was "ApplicationInstance.CheckApplicationInstanceCertificate".
+ Following (4) events were gathered during the action on activity ID [9], in the order of first occurrence:
  SDK trace: Checking application instance certificate.
  SDK trace: Creating application instance certificate. KeySize=0, Lifetime=600
  SDK trace: Deleting application instance certificate.
  Exception: {System.ComponentModel.Win32Exception} Der Vorgang wurde erfolgreich beendet

How can I fix this "The OPC-UA engine failed to connect to the underlying subsystems" error?

Thank you for your help.

Please Log in or Create an account to join the conversation.

Moderators: support, vaclav.zaloudek

Time to create page: 0.168 seconds

Powered by Kunena Forum