Ignition OPC UA Server Faulted after attempting to change the password

After I changed the password, Ignition OPC UA Server has been faulted.

I tried deleting and recreating the certs, but that didn’t fix it, I’m not sure what to do. Or why changing the password is an option if it causes a major fault.

This is the fault got

java.lang.Exception: Error creating OPC server "Ignition OPC UA Server" of type "com.inductiveautomation.OpcUaServerType" at com.inductiveautomation.ignition.gateway.opc.OpcConnectionManagerImpl.newOpcConnection(OpcConnectionManagerImpl.java:194) at com.inductiveautomation.ignition.gateway.opc.OpcConnectionManagerImpl.registerConnectionType(OpcConnectionManagerImpl.java:314) at com.inductiveautomation.ignition.gateway.opcua.OpcUaModule.startup(OpcUaModule.kt:304) at com.inductiveautomation.ignition.gateway.opcua.OpcUaModuleHook.startup(OpcUaModuleHook.kt) at com.inductiveautomation.ignition.gateway.modules.ModuleManagerImpl$LoadedModule.startup(ModuleManagerImpl.java:2392) at com.inductiveautomation.ignition.gateway.modules.ModuleManagerImpl.startup(ModuleManagerImpl.java:419) at com.inductiveautomation.ignition.gateway.IgnitionGateway.startupInternal(IgnitionGateway.java:1315) at com.inductiveautomation.ignition.gateway.redundancy.RedundancyManagerImpl.startup(RedundancyManagerImpl.java:306) at com.inductiveautomation.ignition.gateway.IgnitionGateway.initRedundancy(IgnitionGateway.java:758) at com.inductiveautomation.ignition.gateway.IgnitionGateway.lambda$initInternal$0(IgnitionGateway.java:692) at com.inductiveautomation.ignition.common.execution.impl.BasicExecutionEngine$ThrowableCatchingRunnable.run(BasicExecutionEngine.java:544) at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source) at java.base/java.util.concurrent.FutureTask.run(Unknown Source) at java.base/java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(Unknown Source) at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.base/java.lang.Thread.run(Unknown Source) Caused by: java.security.UnrecoverableKeyException: Get Key failed: Given final block not properly padded. Such issues can arise if a bad key is used during decryption. at java.base/sun.security.pkcs12.PKCS12KeyStore.engineGetKey(Unknown Source) at java.base/sun.security.util.KeyStoreDelegator.engineGetKey(Unknown Source) at java.base/java.security.KeyStore.getKey(Unknown Source) at com.inductiveautomation.ignition.gateway.opcua.KeyStoreManager.getKeyPair(KeyStoreManager.kt:66) at com.inductiveautomation.ignition.gateway.opcua.client.connection.OpcUaConnectionType.createNewOpcConnection(OpcUaConnectionType.kt:54) at com.inductiveautomation.ignition.gateway.opc.OpcConnectionManagerImpl.newOpcConnection(OpcConnectionManagerImpl.java:171) ... 16 more Caused by: javax.crypto.BadPaddingException: Given final block not properly padded. Such issues can arise if a bad key is used during decryption. at java.base/com.sun.crypto.provider.CipherCore.unpad(Unknown Source) at java.base/com.sun.crypto.provider.CipherCore.fillOutputBuffer(Unknown Source) at java.base/com.sun.crypto.provider.CipherCore.doFinal(Unknown Source) at java.base/com.sun.crypto.provider.PBES2Core.engineDoFinal(Unknown Source) at java.base/javax.crypto.Cipher.doFinal(Unknown Source) at java.base/sun.security.pkcs12.PKCS12KeyStore.lambda$engineGetKey$0(Unknown Source) at java.base/sun.security.pkcs12.PKCS12KeyStore$RetryWithZero.run(Unknown Source) ... 22 more 8.1.38 (b2024030513) Azul Systems, Inc. 17.0.9

Uncheck advanced if necessary and find the Key Store Alias and Key Store Alias Password settings. Make sure these are client and password.

That error is happening when trying to access the KeyStore, it's not related to the username/password used for the Session.

I’m not really sure what you’re suggesting, I ended up reloading a backup of the gateway, nothing would fix it. Is there a way to change the OPC server password without causing an unrecoverable fault? I tried changing the password for the Ignition OPC UA Server because I wanted to try accessing it from another client, but I don’t know what the password for it is.

The default username and password for the server is opcuauser / password.

The settings page in your screenshot is the settings for the connection to the server, not the server itself.

If you wanted to change the server password or add a new username you would need to edit the user profile (named "opcua-module" by default) used by the server. Editing the password for the "opcuauser" user would then require updating the password used by the connection.

That connection settings page also has another password buried in the advanced settings, for accessing the KeyStore file, that it appears you accidentally changed and it resulted in an uncaught error while loading the connections.

Sounds like you're recovered at this point, but if you need further help getting any of this set up or another client connected give support a call and they can walk you through it.