Try tcp.port==4840 or whatever port FactoryTalk is using for OPC UA.
If you don’t see any traffic you may need to make sure you’re selecting the right network adapter, or the loopback adapter if they are on the same machine and you’re connecting via localhost.
OK looks like it is port 4990
I set the filter to tcp.port==4990. There was no traffic.
I then recreated the connection in Ignition. Still no traffic observed
OK I checked and I did not have local loopback
Changed to the Loop Back adapter and I see traffic on tcp.port==4990
What would you like me to capture ?
Start the capture and then do an edit/save on the connection in Ignition or just wait long enough that it has attempted to reconnect again. You should see among other things a GetEndpointsRequest and GetEndpointsResponse pair.
edit: actually you may not be able to see what they are if you don’t have Wireshark configured to interpret 4990 as OPC UA, but if you have a bunch of back and forth traffic you can send it my way and I’ll see if it’s what is needed.
OK I captured a block of data.
I’m emailing you the file.
Kevin, did the file I sent you contain any useful data ?
I didn’t get an email from you yesterday. Maybe one of our mail filters gobbled it up?
Did the file make it through ?
No, I PM’d you a dropbox link you can upload to instead.
Confirmed, the server is now legitimately sending a mismatched URI:
It would be great if you could contact Rockwell about this. They may actually fix it since you are presumably a customer.
Or modify the batch file to encode spaces in the subject alternate name as %20 instead of removing them. Since it is a batch file, you’ll probably have to double the percent signs to avoid environment substitution.
I don’t know if that will work, but it’s worth a shot.
Ah, I needed a good laugh today. Thank you! 
FWIW, a near-future versions is going to have the ability to suppress this check on a per-connection basis, as well as disable client-side certificate validation all together on a per-connection basis, for connecting to those servers that just can’t get it together.
In the past we’ve always been able to manage to get the server configured correctly somehow when this popped up but there’s been a couple cases now where that isn’t true.
