I keep getting the following warning messages in the log files. What is causing this?
The certificate from an OPC UA application you are connecting to or receiving a connection from has a certificate that violates the spec in some way, but instead of rejecting the connection we're logging a warning and allowing it.
Such a noble and charitable attitude! 
Hah!
It's like police ignoring people driving 5 or so over the speed limit. The jails would be full otherwise. 
Three years after the 8.0 release a steady trickle of support tickets came in and they are just now stopping.
What happened after 3 years? The self-signed certs expired, and then the next time the gateway restarted or connection was reset, the loopback OPC UA connection failed.
There were also many, many support calls over the years about other 3rd party clients or server who got the certificate generation wrong in some way or another.
At some point in relatively recent history I basically made the default certificate validation logic treat all checks that the spec allows to be optional/suppressed as optional...
1 Like