Hi i am working on a project using codesys on a phoenix plcnext plc i have trusted the ignition certificate and I still cannot connect. I also cannot connect even with the security certificate box unchecked. I have tried testing on uaexpert as a client and it was giving me a bad time error i changed the PLC clock now it gives me a badtimeout error and on ignition i get a UaException: status=Bad_CertificateUseNotAllowed
What version of Ignition are you using? Are you able to get a Wireshark capture?
I think Bad_CertificateUseNotAllowed is returned by the Server in this case, indicating it may not like something about Ignition's client certificate. Is there any more to error message / stack trace available?
8.1.48 The system is at somewhere I am working on being able to wireshark it but would it help to have the certificates? at first uaexpert was giving me a timeerror about my plc's clock not being set right so i changed that and now i get the bad timeout on there ignition has been steady with the bad certificate not allowed the wole time
Sure I can take a look at the certificates and see if anything stands out.
If you can, attach the Ignition OPC UA client certificate and the OPC UA server certificate from PLCnext.
Is your Ignition an upgrade from a previous version?
I think you may need to regenerate the Ignition OPC UA client certificate. Newly generated self-signed certificates should indicate they are not a CA, but yours is indicating that it is. This was a change that happened some time in OPC UA 1.05, and I'm guessing the PLCnext server has a configuration switch hidden away somewhere to allow the legacy behavior (self-signed certs with the CA flag). But it's easier to just generate a new client certificate for Ignition.
After you regenerate it you may need to edit/save the connection to force it to be picked up, not sure.
Got it thanks so much!