Ignition opcua server error

Henrol_Jeo_Gutierrez · March 3, 2024, 6:12am

Hello community,

I created a opcua client and I want to connect it to Ignition opcua server
in Ignition opcua server settings:

I also created a user under opcua-module to be use by my client.

In the Ignition log, everytime I try to connect using my opcua-client, below is the error:

org.eclipse.milo.opcua.stack.core.UaException: no matching endpoint found: transportProfile=TCP_UASC_UABINARY, endpointUrl=opc.tcp://Henjoe-ObX:62541/discovery, securityPolicy=Basic128Rsa15, securityMode=SignAndEncrypt
at org.eclipse.milo.opcua.stack.server.transport.uasc.UascServerAsymmetricHandler.lambda$openSecureChannel$3(UascServerAsymmetricHandler.java:397)
at java.base/java.util.Optional.orElseThrow(Unknown Source)
at org.eclipse.milo.opcua.stack.server.transport.uasc.UascServerAsymmetricHandler.openSecureChannel(UascServerAsymmetricHandler.java:387)
at org.eclipse.milo.opcua.stack.server.transport.uasc.UascServerAsymmetricHandler.lambda$sendOpenSecureChannelResponse$1(UascServerAsymmetricHandler.java:298)
at org.eclipse.milo.opcua.stack.core.channel.SerializationQueue.lambda$encode$0(SerializationQueue.java:52)
at org.eclipse.milo.opcua.stack.core.util.ExecutionQueue$Task.run(ExecutionQueue.java:119)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.base/java.lang.Thread.run(Unknown Source)

on my opcua-client configuration:

securityMode: Basic128Rsa15
securityPolicy: Sign & Encrypt
username: "my username in Ignition opcua module"
password: "my password in Ignition opcua module"
uri: opc.tcp://Henjoe-ObX:62541/discovery

Note that in URI settings I also use the opc.tcp://localhost:62541/discovery but it gives me the same error.
Already accepted/trusted my client certificate under server security in Ignition opcua.
Note that I can connect to other opcua server using this client
this is the error I received from my client-opcua:

'Ignition' connect failure! Error: The connection may have been rejected by server,
Err = (_socket has been disconnected by third party)

The error from Ignition logs it's quite obvious "no matching enpoint", but I am not quite sure how to troubleshoot it.

Thanks in advance.

Henrol_Jeo_Gutierrez · March 3, 2024, 7:40am

I recreated the scenario of the error using the Prosys Simulation server. The error will be gone when I accept the certificate from

rejected -> trusted

In Ignition, I already accepted the certificate but it seems like it doesn't accept it, that's why the error continues.

Henrol_Jeo_Gutierrez · March 3, 2024, 8:00am

The answer is here:

I am trying to connect to Ignition opcua server using enpoint with /discovery
I should not put that. Lol.

Kevin.Herron · March 3, 2024, 1:09pm

Many clients are broken and don't understand that the endpoint URL in the endpoints returned by the GetEndpoints service might be different than the one used to call GetEndpoints. They ignore it, and instead try to subsequently open a Session against the discovery URL, instead of the session URL indicated in the EndpointDescriptions.