Cannot connect to production OPC UA server from remote computer

I recently migrated our company’s workflow to use git, based on the the best practices document by IA. Makes life much easier but my problem now is accessing the OPC UA server on our production server. I created a new user dev with a password in the opcua-module on the production side and tried to connect from my computer. My local ignition was able to find the production endpoint but when I finally authenticate with the ‘dev’ user it faults out giving the following error:

UaException: status=Bad_SecurityChecksFailed, message=certificate path validation failed
	at org.eclipse.milo.opcua.stack.core.util.CertificateValidationUtil.verifyTrustChain(
	at org.eclipse.milo.opcua.sdk.client.api.identity.UsernameProvider.getIdentityToken(
	at org.eclipse.milo.opcua.sdk.client.session.SessionFsmFactory.activateSession(
	at org.eclipse.milo.opcua.sdk.client.session.SessionFsmFactory.lambda$configureActivatingState$17(
	at com.digitalpetri.strictmachine.dsl.ActionBuilder$PredicatedTransitionAction.execute(
	at com.digitalpetri.strictmachine.StrictMachine$PollAndEvaluate.lambda$run$0(
	at java.base/java.util.ArrayList.forEach(Unknown Source)
	at com.digitalpetri.strictmachine.StrictMachine$
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
	at java.base/java.util.concurrent.ThreadPoolExecutor$ Source)
	at java.base/ Source)

8.0.12 (b2020042115)
Azul Systems, Inc. 11.0.6

I’ve reset the password multiple times on the ‘dev’ user and it still faults. I don’t get any prompt for accepting a new certificate either. What am I missing?

Turns out I need to trust some certificates in the Security Settings of OPC config. All sorted now.