OpcUa Client connect to ignition OPCUA

Hi, i’m trying to access the ignition opcUA through an opc client (UAExpert) and get the following error

The certificate of UA is trusted in ignition and the ussername and password are set correctly into UAExpert.

Client and ignition are for the moment on the same machine and i’m using the local endpoint of ignition: opc.tcp://localhost:62541/discovery

Any help would be appreciated.



What version of Ignition and UaExpert are you using?

Are there any errors in the Ignition Gateway logs after you try to connect?

Hi Kevin,

I’m using ignition 8.1.0-rc1 (b2020091420) and UAExpert 1.5.1 331

in ignition logs i have the following error:

UascServerAsymmetricHandler 24Sep2020 19:09:09 Error installing security token: StatusCode{name=Bad_SecurityChecksFailed, value=0x80130000, quality=bad}
org.eclipse.milo.opcua.stack.core.UaException: no matching endpoint found: transportProfile=TCP_UASC_UABINARY, endpointUrl=opc.tcp://localhost:62541/discovery, securityPolicy=Basic256Sha256, securityMode=SignAndEncrypt

at org.eclipse.milo.opcua.stack.server.transport.uasc.UascServerAsymmetricHandler.lambda$openSecureChannel$3(UascServerAsymmetricHandler.java:407)
at java.base/java.util.Optional.orElseThrow(Unknown Source)
at org.eclipse.milo.opcua.stack.server.transport.uasc.UascServerAsymmetricHandler.openSecureChannel(UascServerAsymmetricHandler.java:397)
at org.eclipse.milo.opcua.stack.server.transport.uasc.UascServerAsymmetricHandler.lambda$sendOpenSecureChannelResponse$1(UascServerAsymmetricHandler.java:301)
at org.eclipse.milo.opcua.stack.core.channel.SerializationQueue.lambda$encode$0(SerializationQueue.java:57)
at org.eclipse.milo.opcua.stack.core.util.ExecutionQueue$Task.run(ExecutionQueue.java:119)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.base/java.lang.Thread.run(Unknown Source)|

Try removing the “/discovery” from the endpoint URL in UaExpert. You an right-click and go to Properties… on the server entry.

when doing this, i get the same error into the log but is get the following into UAExpert:

So your server settings look like this (except with localhost instead)?

I’m not sure what’s going wrong. If it’s really the exact same error message it means UaExpert is using the wrong endpoint URL, but I have the same version and it works fine.

For me, I use the /discovery URL during the custom discovery step in UaExpert, select an endpoint, then it adds the server entry into the tree on the left without the /discovery suffix, as it should, because the endpoints presented in the discovery use a different URL.

Yes also i’m in trial version of ignition can this be an issues?

Shouldn’t be an issue.

Well, really strange.
When entering the server data manually it doesn’t work. when using the discovery like you did it’s working.

thanks for your help Kevin


Seems to be a bug in UaExpert. I cannot get it to connect when using the advanced configuration instead of discovery either. In either variation of the endpoint URL it attempts to connect with some incorrect detail.

always good to know, i can move forward now


A post was split to a new topic: OPC Tag Browser Not Working?