I have an issue with OPC UA connection Faulted " no anonymous token policy found "
java.lang.Exception: no anonymous token policy found
at org.eclipse.milo.opcua.sdk.client.api.identity.AnonymousProvider.lambda$getIdentityToken$2(AnonymousProvider.java:47)
at java.base/java.util.Optional.orElseThrow(Unknown Source)
at org.eclipse.milo.opcua.sdk.client.api.identity.AnonymousProvider.getIdentityToken(AnonymousProvider.java:47)
at org.eclipse.milo.opcua.sdk.client.session.SessionFsmFactory.activateSession(SessionFsmFactory.java:925)
at org.eclipse.milo.opcua.sdk.client.session.SessionFsmFactory.lambda$configureActivatingState$19(SessionFsmFactory.java:353)
at com.digitalpetri.strictmachine.dsl.ActionBuilder$PredicatedTransitionAction.execute(ActionBuilder.java:119)
at com.digitalpetri.strictmachine.StrictMachine$PollAndEvaluate.lambda$run$0(StrictMachine.java:242)
at java.base/java.util.ArrayList.forEach(Unknown Source)
at com.digitalpetri.strictmachine.StrictMachine$PollAndEvaluate.run(StrictMachine.java:227)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.base/java.lang.Thread.run(Unknown Source)
Thank you Kevin,
Do I need to configure a username and password in Machine side or ignition side?
if I should configure it in ignition side how can I do it?
I already setup few machines by using OPC UA and never had this error.
Also, sometimes I get this Fault too:
"status=Bad_CertificateUriInvalid, description=The URI specified in the ApplicationDescription does not match the URI in the Certificate."
UaException: status=Bad_CertificateUriInvalid, message=The URI specified in the ApplicationDescription does not match the URI in the Certificate.
at org.eclipse.milo.opcua.stack.core.util.validation.CertificateValidationUtil.checkApplicationUri(CertificateValidationUtil.java:678)
at org.eclipse.milo.opcua.stack.client.security.DefaultClientCertificateValidator.validateCertificateChain(DefaultClientCertificateValidator.java:100)
at org.eclipse.milo.opcua.sdk.client.api.identity.UsernameProvider.getIdentityToken(UsernameProvider.java:162)
at org.eclipse.milo.opcua.sdk.client.session.SessionFsmFactory.activateSession(SessionFsmFactory.java:925)
at org.eclipse.milo.opcua.sdk.client.session.SessionFsmFactory.lambda$configureActivatingState$19(SessionFsmFactory.java:353)
at com.digitalpetri.strictmachine.dsl.ActionBuilder$PredicatedTransitionAction.execute(ActionBuilder.java:119)
at com.digitalpetri.strictmachine.StrictMachine$PollAndEvaluate.lambda$run$0(StrictMachine.java:242)
at java.base/java.util.ArrayList.forEach(Unknown Source)
at com.digitalpetri.strictmachine.StrictMachine$PollAndEvaluate.run(StrictMachine.java:227)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.base/java.lang.Thread.run(Unknown Source)
This one means the server is misconfigured. There is a URI that identifies the server, and it's supposed to be present in both the certificate itself, and in the endpoints returned by the server during the GetEndpoints discovery service call.
If these URIs don't match the client should not connect, which is what you're seeing here.
Kevin,
How is it possible that I can connect to the machine with UA-Expert and see all tags, But ignition keep giving me these two errors?
both should follow OPC UA standard protocol.
If those two URI values are really different then you probably clicked through a dialog in UaExpert saying to trust the certificate and connect anyway.
There’s an equivalent option to disable certificate validation in the advanced settings of the OPC UA connection in Ignition.
If you still can’t get connected then give support a call and they can help you figure out what’s different about the two configurations.
