Failed to create session between Prosys OPC and Ignition server

Hello,

I have a Java OPC UA client app relying on

  • Opc.Ua.Stack-1.02.337.4.jar
  • Prosys-OPC-UA-Java-SDK-Client-Binary-2.2.0-552.jar

which communicates with an Ignition server 7.8.3 (module OPC-UA version 3.8.3).

Now, still from the exact same client, i'm trying to connect to a new version of Ignition server 8.1.36 (module OPC-UA version 9.1.36), but i get the following error :

In both cases, the client is using Security Mode : none and SecurityPolicy : None. Also, the server is configured accordingly None SecurityPolicy connections.
Moreover, on the older Ignition server, there's no trace of certificate which belongs to the client, but the connexion is successfull.

Here is some details about informations returned by the server when using the prosysopc manually with the working connection (Ignition server 7.8.3) :

And here the same infos returned by the new Ignition server :

Do you have any clue about the problem i'm facing ?

Thanks

No, maybe you can get a Wireshark capture of the client trying to connect to the Ignition 8.1 server?

Subsequent posts should provide text when appropriate, not screenshots of text (or worse in this case, photos of a screen).

Thanks for your reply,

i've captured the connection try between the client and the server version 8.1 in a .pcap, but i would rather not share it publicly. Could you please provide another way to send it ?

You can try sending it to me in a DM or uploading it somewhere and sending me the link.

I can't send you a dm : "An error occurred: Sorry, you cannot send a personal message to that user"

Maybe I can send it to you on this mailbox ? kevin@inductiveautomation.com
(found on another topics)

Yeah, try sending it to that email address.

Do you or somebody from your company already have a support ticket open? This is sounding a lot like an existing ticket I consulted on last week.

To our knowledge no

Ok, well if you can get that Wireshark capture over I'll take a look. I suspect I know what's wrong, and the capture may confirm it.

I sent the capture by email to kevin@inductiveautomation.com

It doesn't seem to be coming through, I DM'd you a Dropbox link you can upload to.

I just unlocked the trust level, I sent it to you in DM

It looks like your client is failing to select endpoints somewhere in this code block (or something similar, the version you're using is older than what's available on GitHub): UA-Java-Legacy/src/org/opcfoundation/ua/application/Client.java at a14130d5cc56e8bf1eaebc205f6a964b00f6cc08 · OPCFoundation/UA-Java-Legacy · GitHub

I suspect it's because the EndpointDescription[] returned in the GetEndpointsResponse service include the server certificate, where the EndpointDescription[] returned in the CreateSessionResponse does not, but the match criteria used by the select function includes the certificate.

This information is probably only useful to somebody who can modify the source code of your application, or possibly upgrade the dependencies.

thanks, I'll look at that