BadIdentityTokenInvalid error when accessing Node OPCUA server

Forum Home Forums Communicating with Devices BadIdentityTokenInvalid error when accessing Node OPCUA server

Viewing 9 posts - 1 through 9 (of 9 total)
  • Author
    Posts
  • #7330
    kumajaya
    Participant

    Short story: Fixed with this commit

    Long story: I can access Node OPCUA server from Python opc-client, Prosys OPCUA Explorer, and UaExpert but not from RS OPCUA driver with BadIdentityTokenInvalid error. I decided to compile Reference Client from OPCFoundation (with same branch as use by KpOpcUa, with hard coded certificate check domain disabled) and voila… I can access Node OPCUA server. So, my above change based on what I have found in OPCFoundation example codes.

    #7331
    kumajaya
    Participant

    Same problem in both RS running on Windows and Linux.

    #7335
    Mikhail
    Moderator

    I’ve copied my answer from GitHub:

    Thank you for the pull request, but I can’t merge it because of the following:

    1. Pull requests in this repository should be targeted to the develop branch.
    2. Removing the lines makes impossible to apply the corresponding configuration options.
    3. You should try changing the device configuration in KpOpcUa_XXX.xml to use the correct SecurityMode and SecurityPolicy.

    Please try the 3rd item and let me know about the result.

    #7339
    kumajaya
    Participant

    OK. I’ll check it.

    #7340
    kumajaya
    Participant

    Oh my bad… Sign & encrypt and Basic256Sha256 is the only security mode and policy accepted by my Node OPCUA server. Let me check further what’s exactly the problem.

    #7342
    kumajaya
    Participant

    I can connect with every 7 combination supported by Node OPCUA from UaExpert dan Prosys including “None and None” but only “Sign & encrypt and Basic256Sha256” with KpOpcUa. No problem, I can connect to Node OPCUA server now without modified source code.

    #7344
    Mikhail
    Moderator

    I can connect to Node OPCUA server now without modified source code.

    Good.

    I can connect with every 7 combination supported by Node OPCUA from UaExpert dan Prosys including “None and None” but only “Sign & encrypt and Basic256Sha256” with KpOpcUa.

    Interesting. Could you also try this official utility made by OPC Foundation? The source code of the utility is available on OPC Foundation’s GitHub if needed.

    #7345
    kumajaya
    Participant

    I can connect with every security level supported by the server using above official client.

    #7350
    Mikhail
    Moderator

    This means that likely it’s possible to make the driver work with different security levels. Because the driver uses the same OPC UA libraries. Debug needed.

Viewing 9 posts - 1 through 9 (of 9 total)
  • You must be logged in to reply to this topic.