Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Groups
  • Search
  • Get Qt Extensions
  • Unsolved
Collapse
Brand Logo
  1. Home
  2. Qt Development
  3. General and Desktop
  4. QtOpcUa Client with encryption
Forum Updated to NodeBB v4.3 + New Features

QtOpcUa Client with encryption

Scheduled Pinned Locked Moved Unsolved General and Desktop
3 Posts 3 Posters 688 Views 1 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • N Offline
    N Offline
    niodo
    wrote on last edited by niodo
    #1

    Hi everybody,

    First: I'm using Windows 10, Qt 5.14.1 and QtOpcUa 5.14.1.

    After finally be able to built QtOpcUa ( Open62541 as backend )with encryption support i'm still not able to connect to OpcUa server with encryption. I'm using the OpcUaViewer example.
    If i run the following two commands:

    qDebug() << "SuppertedUserTokeTypes:" <<mOpcUaClient->supportedUserTokenTypes(); 
    qDebug() << "SupportedSecurityPolicies:" << mOpcUaClient->supportedSecurityPolicies();
    

    The output is :

    Debug: SuppertedUserTokeTypes: QVector(0, 1)
    Debug: SupportedSecurityPolicies: ("http://opcfoundation.org/UA/SecurityPolicy#None", "http://opcfoundation.org/UA/SecurityPolicy#Basic128Rsa15", "http://opcfoundation.org/UA/SecurityPolicy#Basic256", "http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256")
    

    SupportedSecurityPolicies looks good but shouldn't SupportedUserTokenTypes also includes QOpcUaUserTokenPolicy::Certificate (2 ) ?

    If i'm trying to connect to the server as follow:
    EstablishConnection.PNG
    , the error output of the method MainWindow::showErrorDialog is nothing because the switch-case is

    QOpcUaErrorState::ConnectionStep::Unknown:
    

    For the sake of debugging i put an debug statement there as well:

    void MainWindow::showErrorDialog(QOpcUaErrorState *errorState)
    {
        int result = 0;
    
        const QString statuscode = QOpcUa::statusToString(errorState->errorCode());
    
        QString msg = errorState->isClientSideError() ? tr("The client reported: ") : tr("The server reported: ");
        qDebug() << msg;
        switch (errorState->connectionStep()) {
        case QOpcUaErrorState::ConnectionStep::Unknown:
            qDebug() << errorState->errorCode();
    		qDebug() << statuscode;
            break;
    

    which gives the following output:

    Debug: Client state changed QOpcUaClient::Connecting 
    Debug: "The server reported:
    Debug: QOpcUa::BadConnectionClosed
    Debug: "BadConnectionClosed" 
    Warning: Open62541: Failed to connect
    

    More Information which could be helpful:
    I created the clients certificate according the following link: https://doc-snapshots.qt.io/qtopcua/security.html.
    When trying to connect to the Server, the Certificate appears in the Rejected folder (on the server side) which is as expected. After moving it from Rejected to Trusted and trying to connect again, the Certificates just appears again in Rejected. See below: (altough it has the same thumpprint ) .

    ServerSideCertifacteConfiguration.png

    To sum Up:
    1) Does supportedUserToken should also return QOpcUaUserTokenPolicy::Certificate(2)? And if yes, what do i need to do that it does?
    2)Does Question Number one has something to do with my Certificate showing up twice and not beeing recognized as trusted?

    Any help is appreciated. Thanks in advanced.

    ODБOïO 1 Reply Last reply
    0
    • N niodo

      Hi everybody,

      First: I'm using Windows 10, Qt 5.14.1 and QtOpcUa 5.14.1.

      After finally be able to built QtOpcUa ( Open62541 as backend )with encryption support i'm still not able to connect to OpcUa server with encryption. I'm using the OpcUaViewer example.
      If i run the following two commands:

      qDebug() << "SuppertedUserTokeTypes:" <<mOpcUaClient->supportedUserTokenTypes(); 
      qDebug() << "SupportedSecurityPolicies:" << mOpcUaClient->supportedSecurityPolicies();
      

      The output is :

      Debug: SuppertedUserTokeTypes: QVector(0, 1)
      Debug: SupportedSecurityPolicies: ("http://opcfoundation.org/UA/SecurityPolicy#None", "http://opcfoundation.org/UA/SecurityPolicy#Basic128Rsa15", "http://opcfoundation.org/UA/SecurityPolicy#Basic256", "http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256")
      

      SupportedSecurityPolicies looks good but shouldn't SupportedUserTokenTypes also includes QOpcUaUserTokenPolicy::Certificate (2 ) ?

      If i'm trying to connect to the server as follow:
      EstablishConnection.PNG
      , the error output of the method MainWindow::showErrorDialog is nothing because the switch-case is

      QOpcUaErrorState::ConnectionStep::Unknown:
      

      For the sake of debugging i put an debug statement there as well:

      void MainWindow::showErrorDialog(QOpcUaErrorState *errorState)
      {
          int result = 0;
      
          const QString statuscode = QOpcUa::statusToString(errorState->errorCode());
      
          QString msg = errorState->isClientSideError() ? tr("The client reported: ") : tr("The server reported: ");
          qDebug() << msg;
          switch (errorState->connectionStep()) {
          case QOpcUaErrorState::ConnectionStep::Unknown:
              qDebug() << errorState->errorCode();
      		qDebug() << statuscode;
              break;
      

      which gives the following output:

      Debug: Client state changed QOpcUaClient::Connecting 
      Debug: "The server reported:
      Debug: QOpcUa::BadConnectionClosed
      Debug: "BadConnectionClosed" 
      Warning: Open62541: Failed to connect
      

      More Information which could be helpful:
      I created the clients certificate according the following link: https://doc-snapshots.qt.io/qtopcua/security.html.
      When trying to connect to the Server, the Certificate appears in the Rejected folder (on the server side) which is as expected. After moving it from Rejected to Trusted and trying to connect again, the Certificates just appears again in Rejected. See below: (altough it has the same thumpprint ) .

      ServerSideCertifacteConfiguration.png

      To sum Up:
      1) Does supportedUserToken should also return QOpcUaUserTokenPolicy::Certificate(2)? And if yes, what do i need to do that it does?
      2)Does Question Number one has something to do with my Certificate showing up twice and not beeing recognized as trusted?

      Any help is appreciated. Thanks in advanced.

      ODБOïO Offline
      ODБOïO Offline
      ODБOï
      wrote on last edited by ODБOï
      #2

      @niodo hi
      from the page you linked :
      " Creating secure connections with Qt OPC UA is currently only supported using the UACPP backend plugin. "

      1 Reply Last reply
      2
      • RequR Offline
        RequR Offline
        Requ
        wrote on last edited by
        #3

        @LeLev @niodo

        Guys, I sucessfuly connect with encrypted sever using open62541 backend.
        You need to get Qt 5.14.2 and relative QtOpcUa version. I builded library with OpenSSL and x509v3 extension.

        Sometimes build process shows unexpected error but after few times compile it I test it using QtOpcua openviewer (example) and it's work.

        5.14.2 is using already using open62541 v1.0 with is got encryption support.

        1 Reply Last reply
        1

        • Login

        • Login or register to search.
        • First post
          Last post
        0
        • Categories
        • Recent
        • Tags
        • Popular
        • Users
        • Groups
        • Search
        • Get Qt Extensions
        • Unsolved