OPC-UA Connection between Ignition and Wincc

SaravanaKumar.S2 · January 30, 2021, 11:43am

Hello @Kevin.Herron, Can you please help with this issue.

We are trying to establish the OPC-UA connection between Ignition gateway and Siemens PCS7 v9.0.

Got the error Bad_SecurityChecksFailed.

Attached the error log.error.txt (2.2 KB)

Can anyone help me with the error message?

Ignition OPC configuration:

Security policy: Basic256sha256
Security mode: Sign&Encrypt

Ignition has accepted the certificate from siemens wincc.

Siemens side configuration

Security policy: Basic256sha256
Security mode: Sign&Encrypt

Since there is no option to accept the ignition client certificate, we have copied to the specific location in the siemens server.

Server endpoint selection:

Certificate trusted

Connection error

Kevin.Herron · February 1, 2021, 2:08pm

It looks like you’ve done all the things you’re supposed to do and WinCC is still sending back the Bad_SecurityChecksFailed error. You’ll probably have to contact Siemens support if you can’t figure out how to get more information about why.

SaravanaKumar.S2 · February 1, 2021, 6:47pm

Hello @Kevin.Herron,

Thanks for the reply

Have you checked the error log attached?

error.txt (2.2 KB)

Kevin.Herron · February 1, 2021, 6:47pm

Yes, the error is how I know it’s coming from the server and not being generated client side.

SaravanaKumar.S2 · February 1, 2021, 6:49pm

Thanks, @Kevin.Herron,

Suspected the same. Raised a request with siemens.

zxcslo · February 1, 2021, 7:41pm

Have you tried completely compile the PCS7 project and downloading it again?

SaravanaKumar.S2 · March 1, 2021, 12:49pm

Hello all,

We are able to rectify the issue. We found there are 2 root causes

Wincc connectivity pack license not available
OPC-UA client (ignition) should authenticate against the windows credentials of WinCC station.

Thanks for your support!

Regards,
Saravanan.