Professional OPC
Development Tools

logos

Online Forums

Technical support is provided through Support Forums below. Anybody can view them; you need to Register/Login to our site (see links in upper right corner) in order to Post questions. You do not have to be a licensed user of our product.

Please read Rules for forum posts before reporting your issue or asking a question. OPC Labs team is actively monitoring the forums, and replies as soon as possible. Various technical information can also be found in our Knowledge Base. For your convenience, we have also assembled a Frequently Asked Questions page.

Do not use the Contact page for technical issues.

Certs malfunctioning after system image restore

More
21 Aug 2024 07:59 #13035 by support
Hello.

Unfortunately I cannot help with server issues.

Regards

Please Log in or Create an account to join the conversation.

More
20 Aug 2024 20:26 #13034 by CFrayneIonic
Here's the log for running about a minute. I've noticed in the file system that my application is creating a cert if that was what you were wondering, it's simply the server not creating them.
Thank you,
Connor Frayne
Information(101): The OPC-UA engine is connecting to the underlying subsystems.
Information(111): OPC-UA engine application info '$Collector' -> Name: "BaseLib", Version: "5.80.324.1".
Information(111): OPC-UA engine application info 'Time' -> UtcNow: 08/20/2024 20:21:51, Now: 08/20/2024 16:21:51, TickCount: 27669515.
Information(111): OPC-UA engine application info 'Debugger' -> IsAttached: True.
Information(111): OPC-UA engine application info 'AssemblyAttributes' -> AssemblyConfiguration: "Release".
Information(111): OPC-UA engine application info 'ExecutingAssembly' -> FullName: "OpcLabs.BaseLib, Version=5.80.324.1, Culture=neutral, PublicKeyToken=6faddca41dacb409", Location: "C:\Users\Connor.Frayne\Documents\SafeBoxHMI\SafeBox\bin\Debug\net8.0-windows10.0.17763.0\OpcLabs.BaseLib.dll".
Information(111): OPC-UA engine application info 'AppDomain' -> FriendlyName: "SafeBox", Id: 1.
Information(111): OPC-UA engine application info 'SystemAssembly' -> FullName: "System.Private.CoreLib, Version=8.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e", Location: "C:\Program Files\dotnet\shared\Microsoft.NETCore.App\8.0.8\System.Private.CoreLib.dll".
Information(111): OPC-UA engine application info 'Clr' -> ClrVersion: "8.0.8", PtrSize: 8.
Information(111): OPC-UA engine application info 'RuntimeEnvironment' -> RuntimeDirectory: "C:\Program Files\dotnet\shared\Microsoft.NETCore.App\8.0.8\", SystemVersion: "v8.0.8".
Information(111): OPC-UA engine application info 'RuntimeInformation' -> OSArchitecture: X64, OSDescription: "Microsoft Windows 10.0.22631", ProcessArchitecture: X64, FrameworkDescription: ".NET 8.0.8".
Information(111): OPC-UA engine application info 'Process' -> Is64BitProcess: True, CurrentDirectory: "C:\Users\Connor.Frayne\Documents\SafeBoxHMI\SafeBox\bin\Debug\net8.0-windows10.0.17763.0", Id: 31692.
Information(111): OPC-UA engine application info 'User' -> Name: "connor.frayne", DomainName: "IONIC-ENG", Interactive: True.
Information(111): OPC-UA engine application info 'OSConfiguration' -> MachineName: "SBSTUD01", SystemPageSize: 4096.
Information(111): OPC-UA engine application info 'OperatingSystem' -> VersionString: "Microsoft Windows NT 10.0.22631.0".
Information(111): OPC-UA engine application info 'Environment' -> Is64BitOperatingSystem: True, SystemDirectory: "C:\Windows\system32".
Information(111): OPC-UA engine application info 'Computer' -> ProcessorCount: 16.
Information(133): OPC UA SDK application configuration file path is "C:\Users\Connor.Frayne\Documents\SafeBoxHMI\SafeBox\bin\Debug\net8.0-windows10.0.17763.0\SafeBox.Config.xml", file exists: False.
Information(132): OPC-UA engine SDK configuration successfully provided by "InternalSdkConfigurationProvider("OpcLabs.EasyOpcUA, Version=5.80.324.1, Culture=neutral, PublicKeyToken=6faddca41dacb409", "OpcLabs.EasyOpc.UA.Toolkit.Client.UAClientEngine.Config.xml")".
Information(2103): OPC UA application state missing from storage provider "Directory: IsolatedStorage: IsolatedStorageFile((Machine, Application), Uri(file:///C:/Users/Connor.Frayne/Documents/SafeBoxHMI/SafeBox/bin/Debug/net8.0-windows10.0.17763.0/SafeBox.dll)) {RootDirectory="C:\ProgramData\IsolatedStorage\fvmeovb0.ahj\uxiubbdp.n0h\Url.5i40ghkfulzex3we3blgcsco2qk452km\AppFiles\"} -> UAClientServerEngine" file name "UAApplication.ini".
Information(144): The OPC-UA engine has determined the application configuration parameters as listed below. 
ProductUri: urn:literal:string:SafeBox
Information(103): The OPC-UA engine has successfully connected to the underlying subsystems.
Information(4021): The OPC-UA client session with connect sequence number 1 is connecting to endpoint URL "opc.tcp://192.168.1.101:40853/Pilz/PSS4000OPCServerUA".
Information(161): The OPC-UA engine has determined new own application instance certificate sub-id "" parameters as listed below.
ApplicationType: Client
SubjectName: CN=SafeBox
StorePath: C:\\Program Files (x86)\\SafeBox\\OPC Foundation\\CertificateStores\\Machine Default
ApplicationName: SafeBox
ApplicationUri: uri:SBStud01:SafeBox
 
Information(162): The OPC-UA engine will resolve own application instance certificate sub-id "" parameters directory store path to "C:\\Program Files (x86)\\SafeBox\\OPC Foundation\\CertificateStores\\Machine Default".
Information(4021): The OPC-UA client session with connect sequence number 2 is connecting to endpoint URL "opc.tcp://[100::]/warmup".
Information(4031): The OPC-UA client session with connect sequence number 1 for discovery URL "opc.tcp://192.168.1.101:40853/Pilz/PSS4000OPCServerUA" will use an endpoint selection policy that has warnings. The policy warnings are:
- OPCUA0021: An endpoint with obsolete security policy may be selected by this policy.
 
Warning(4022): The OPC-UA client session with connect sequence number 2 failed to connect to endpoint URL "opc.tcp://[100::]/warmup". 
  UA SDK error (Opc.UA.ServiceResult=0x80310000) in 'DiscoveryClient.GetEndpoints'. OPC UA service result - {BadNoCommunication}. Error establishing a connection: BadNotConnected.
+ The error occurred when preselecting an endpoint for discovery URL "opc.tcp://[100::]/warmup".
+ Connection attempt #1; last connected at 0001-01-01 12:00:00 AM (local); unconnected for 00:00:00.0470000.
Information(4026): The OPC-UA client session on endpoint URL "opc.tcp://[100::]/warmup" failed at tick 27670171 and will retry in 10000 milliseconds.
Information(4001): OPC-UA endpoint selection on discovery URL "opc.tcp://192.168.1.101:40853/Pilz/PSS4000OPCServerUA" candidate report (4 entries) follows.
[0:AcceptedNotWinner(22.5), 1:AcceptedNotWinner(32.5), 2:EligibleNotAccepted(23.5), 3:Winner(33.5)].
Warning(4004): The preference for endpoint selection was not to use security, but the OPC-UA server endpoint URL "opc.tcp://192.168.1.101:40853/Pilz/PSS4000OPCServerUA", selected using discovery on endpoint URL "opc.tcp://192.168.1.101:40853/Pilz/PSS4000OPCServerUA", has message security mode 'SignAndEncrypt'. This happens when no unsecured endpoints are available and eligible for selection.
Information(4007): An OPC UA endpoint has been selected and normalized. Endpoint URL: "opc.tcp://192.168.1.101:40853/Pilz/PSS4000OPCServerUA", security mode: 'SignAndEncrypt', security policy URI: "http://opcfoundation.org/UA/SecurityPolicy#Basic256", transport profile URI: "http://opcfoundation.org/UA-Profile/Transport/uatcp-uasc-uabinary"
Information(4032): The OPC-UA client session with connect sequence number 1 has preselected an OPC-UA endpoint for discovery URL "opc.tcp://192.168.1.101:40853/Pilz/PSS4000OPCServerUA" with following parameters:
Endpoint URL "opc.tcp://192.168.1.101:40853/Pilz/PSS4000OPCServerUA", message security mode 'SignAndEncrypt', security policy URI "http://opcfoundation.org/UA/SecurityPolicy#Basic256", transport profile URI "http://opcfoundation.org/UA-Profile/Transport/uatcp-uasc-uabinary, use binary encoding: yes.
Information(4011): The OPC-UA client session with connect sequence number 1 user token selection on endpoint URL "opc.tcp://192.168.1.101:40853/Pilz/PSS4000OPCServerUA" candidate report (1 entries) follows.
[0:Winner("")].
Information(4014): The OPC-UA client session with connect sequence number 1 on endpoint URL "opc.tcp://192.168.1.101:40853/Pilz/PSS4000OPCServerUA" has been associated with user identity token type 'Anonymous', display name "Anonymous".
Information(4171): The OPC-UA server on endpoint URL "opc.tcp://192.168.1.101:40853/Pilz/PSS4000OPCServerUA" returned an empty list of software certificates.
Information(4301): The client session on endpoint URL "opc.tcp://192.168.1.101:40853/Pilz/PSS4000OPCServerUA" has read server start time 08/20/2024 16:40:32 and build info ProductUri="urn:Pilz:PSS4000OPCServerUA", ManufacturerName="Pilz GmbH & Co. KG, D-73760 Ostfildern, http://www.pilz.de", ProductName="PSS 4000 OPC Server UA", SoftwareVersion="1.21.0", BuildNumber="41", BuildDate=04/21/2020 18:00:06.
Information(4023): The OPC-UA client session with connect sequence number 1 has successfully connected to endpoint URL "opc.tcp://192.168.1.101:40853/Pilz/PSS4000OPCServerUA". The server-assigned session Id is "ns=3;i=248877170".
Information(6002): The OPC-UA subscription on client session with connect sequence number 1 to endpoint URL "opc.tcp://192.168.1.101:40853/Pilz/PSS4000OPCServerUA" has been successfully created and checked, and given subscription ID 885533814. Revised publishing interval is 150, keep-alive count is 576000 and lifetime count is 1728000.
Information(6002): The OPC-UA subscription on client session with connect sequence number 1 to endpoint URL "opc.tcp://192.168.1.101:40853/Pilz/PSS4000OPCServerUA" has been successfully created and checked, and given subscription ID 885533815. Revised publishing interval is 100, keep-alive count is 864000 and lifetime count is 2592000.

Please Log in or Create an account to join the conversation.

More
20 Aug 2024 17:07 #13033 by support
Hello,
regarding the certificate creation issue:

I do not think it is your code causing this - but I do think it is the System Restore that is at fault.

It would be useful to know what is the error that prevents QuickOPC from generating the certificate (the error you provided is from the OPC AU configuration utility, which can be the same thing, but we cannot be sure). Does your program report any error? If not, can you please hook to the static EasyUAClient.LogEntry event, and collect the event entries generated when the certificate should be create (and is not)?

Also, although the error message is different, I think it would be worth checking the permissions on the C:\ProgramData\Microsoft\Crypto\RSA folder - as it was with the issue described here: kb.opclabs.com/Error_%22The_specified_network_password_is_no...ey_container_was_not_found.%22 . And try the Resolution steps, if the permissions are not as they should be.

And I also recommend to check the permissions on the certificate store folders.

Best regards

Please Log in or Create an account to join the conversation.

More
20 Aug 2024 14:58 #13032 by support
Yes,
in this case I think there is little that can be done/has to do with the client side of things.

The status code (BadWaitingForInitialData) is not something that the client has made up. It is what the client has received from the server. So if the server is sending the client this status code, and you think it is not appropriate, the investigation should start at the server side.

I will reply to the certificate-related issue separately later.

Best regards

Please Log in or Create an account to join the conversation.

More
20 Aug 2024 14:55 #13031 by CFrayneIonic
Hello,
By looking through connectivity explorer I found that all my tags were "BadWaintingForInitialData", to me this seems like a separate issue but it could help you in knowing the issue so I'm posting it here.

This seems to be an issue with our OPC server provider so I'll go through them with this.
Thank you,
Connor Frayne
Attachments:

Please Log in or Create an account to join the conversation.

More
20 Aug 2024 13:33 - 20 Aug 2024 13:42 #13030 by CFrayneIonic
Hello,
After doing a system image recovery on a faulty machine, I tried reinstalling my application on the device and I'm having some strange Cert issues, the application doesn't seem to correctly generate its certs. This specific issue hasn't happened before on other devices none of which have been image restored, which leads me to believe it was the image restore causing this; However, it is possible that my code is the source as I do do AES crypto in my code.

Im on QuickOPC 2024.1
Here are the only application parameters I set:
EasyUAApplication.Instance.ApplicationParameters.ApplicationManifest.ApplicationName = "SafeBox"
 EasyUAApplication.Instance.ApplicationParameters.ApplicationManifest.InstanceIssuerStorePath = "C:\\Program Files (x86)\\SafeBox\\OPC Foundation\\CertificateStores\\UA Certificate Authorities"
 EasyUAApplication.Instance.ApplicationParameters.ApplicationManifest.InstanceOwnStorePath = "C:\\Program Files (x86)\\SafeBox\\OPC Foundation\\CertificateStores\\Machine Default"
 EasyUAApplication.Instance.ApplicationParameters.ApplicationManifest.InstanceTrustedStorePath = "C:\\Program Files (x86)\\SafeBox\\OPC Foundation\\CertificateStores\\UA Applications"
 EasyUAApplication.Instance.ApplicationParameters.ApplicationManifest.RejectedStorePath = "C:\\Program Files (x86)\\SafeBox\\OPC Foundation\\CertificateStores\\RejectedCertificates"
Thank you,
Connor Frayne
Attachments:
Last edit: 20 Aug 2024 13:42 by CFrayneIonic.

Please Log in or Create an account to join the conversation.

Moderators: support
Time to create page: 0.122 seconds