4. QtOpcUa Client with encryption

QtOpcUa Client with encryption


  • Hi everybody,

    First: I'm using Windows 10, Qt 5.14.1 and QtOpcUa 5.14.1.

    After finally be able to built QtOpcUa ( Open62541 as backend )with encryption support i'm still not able to connect to OpcUa server with encryption. I'm using the OpcUaViewer example.
    If i run the following two commands:

    qDebug() << "SuppertedUserTokeTypes:" <<mOpcUaClient->supportedUserTokenTypes(); 
qDebug() << "SupportedSecurityPolicies:" << mOpcUaClient->supportedSecurityPolicies();

    The output is :

    Debug: SuppertedUserTokeTypes: QVector(0, 1)
Debug: SupportedSecurityPolicies: ("http://opcfoundation.org/UA/SecurityPolicy#None", "http://opcfoundation.org/UA/SecurityPolicy#Basic128Rsa15", "http://opcfoundation.org/UA/SecurityPolicy#Basic256", "http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256")

    SupportedSecurityPolicies looks good but shouldn't SupportedUserTokenTypes also includes QOpcUaUserTokenPolicy::Certificate (2 ) ?

    If i'm trying to connect to the server as follow:
    EstablishConnection.PNG
    , the error output of the method MainWindow::showErrorDialog is nothing because the switch-case is

    QOpcUaErrorState::ConnectionStep::Unknown:

    For the sake of debugging i put an debug statement there as well:

    void MainWindow::showErrorDialog(QOpcUaErrorState *errorState)
{
    int result = 0;

    const QString statuscode = QOpcUa::statusToString(errorState->errorCode());

    QString msg = errorState->isClientSideError() ? tr("The client reported: ") : tr("The server reported: ");
    qDebug() << msg;
    switch (errorState->connectionStep()) {
    case QOpcUaErrorState::ConnectionStep::Unknown:
        qDebug() << errorState->errorCode();
		qDebug() << statuscode;
        break;

    which gives the following output:

    Debug: Client state changed QOpcUaClient::Connecting 
Debug: "The server reported:
Debug: QOpcUa::BadConnectionClosed
Debug: "BadConnectionClosed" 
Warning: Open62541: Failed to connect

    More Information which could be helpful:
    I created the clients certificate according the following link: https://doc-snapshots.qt.io/qtopcua/security.html.
    When trying to connect to the Server, the Certificate appears in the Rejected folder (on the server side) which is as expected. After moving it from Rejected to Trusted and trying to connect again, the Certificates just appears again in Rejected. See below: (altough it has the same thumpprint ) .

    ServerSideCertifacteConfiguration.png

    To sum Up:
    1) Does supportedUserToken should also return QOpcUaUserTokenPolicy::Certificate(2)? And if yes, what do i need to do that it does?
    2)Does Question Number one has something to do with my Certificate showing up twice and not beeing recognized as trusted?

    Any help is appreciated. Thanks in advanced.

    0 1 Reply

  • @niodo hi
    from the page you linked :
    " Creating secure connections with Qt OPC UA is currently only supported using the UACPP backend plugin. "

    2

  • @LeLev @niodo

    Guys, I sucessfuly connect with encrypted sever using open62541 backend.
    You need to get Qt 5.14.2 and relative QtOpcUa version. I builded library with OpenSSL and x509v3 extension.

    Sometimes build process shows unexpected error but after few times compile it I test it using QtOpcua openviewer (example) and it's work.

    5.14.2 is using already using open62541 v1.0 with is got encryption support.

    1
Log in to reply