OPC UA with Security Options None - None

Hello !
I have a question regarding OPC Connections with an OPC UA Server.
I am able to have a Secure Connections with Security Options : Basic128Rsa15 - Sign&Encrypt and Basic256 - Sign. and with Anonymous or Credentials

I have a problem with Security Option : None - None. with Anonymous and Credentials

Your client send a CreateSesion Request to my Server with those Security Option. My Server send the CreateSessionResponse with StatusCode : Good but with the ServerCertificateField empty.
Then your client Close immediately the SecureChannel.

The OPC UA Specification 1.02 say “If the securityPolicyUri is NONE and none of the UserTokenPolicies requires encryption, the Server shall not send an ApplicationInstanceCertificate and the Client
shall ignore the ApplicationInstanceCertificate.”

So my question is : Is Ignition always looking for a Certificate in the ApplicationInstanceCertificate field of the CreateSessionResponse or is the error coming from something else ?

Can you find the “export logs” link in the Console area of the gateway, export those, and attach them to this post?

Alternatively, if you can send me a copy of your OPC server, or expose it to the internet so I can connect somehow, I can try to troubleshoot it that way as well.

It does appear that I’m expecting the server certificate to be present, so maybe the logs won’t be necessary after all.

I’ll have to do some work on the client to fix this.

Ok. It is specified in : server Certificate.

Edit : I check. This is a new feature since the 1.01 require the Server send certificate with any Security Policy. With 1.02 the client shall not verify the Server Certificate if the Security Policy is None

I’ve fixed this for our next release (Ignition 7.5.7, OPC-UA module 1.5.7).

Ok. Thanks for the quick Fix.

No problem. Better now than at the interop in a couple weeks! :slight_smile: