Some technical details to give them.
The Ignition OPC UA Server exposes two endpoints:
-
an endpoint running at “opc.tcp://localhost:62541/discovery”, which accepts unsecured connections and implements only the discovery services.
-
an endpoint running at “opc.tcp://localhost:62541”, which accepts connections with the configured security policies (only Basic256Sha256 by default).
The EndpointDescriptions returned by the GetEndpoints service at “opc.tcp://localhost:62541/discovery” contain endpoint URLs pointing to “opc.tcp://localhost:62541”.
If I recall, the problem is they follow and store the endpoint URL found when configured to use [1] but they do a traditional 2-step connect process where they connect and call GetEndpoints, find an endpoint that matches the desired configurations, then connect to that endpoint, but they try to do the discovery step against the 2nd endpoint URL that only accepts secured connections instead of the original discovery URL.