Important: Please read the Qt Code of Conduct - https://forum.qt.io/topic/113070/qt-code-of-conduct

QT OPC UA with open62541 backend, encryption



  • Hello,

    Im currently a little confused about the state of encryption compability of opcua in qt 5.15.2 with the open62541 backend. In the Documentation it states the following: "Creating secure connections with Qt OPC UA is currently only supported using the UACPP backend plugin." Is that statement correct?
    I managed to compile the opcua plugin with encryption support but I have trouble actually connecting to a server with an encrypted connection. Im using the example project QtOpcUaViewer under Windows to test the capabilities. When using a self signed client certificate, as described in the link obove, the connection attempt fails with the following messages:

    [2021-07-21 16:48:23.656 (UTC+0200)] error/channel	Receiving service response failed with error BadConnectionClosed
    [2021-07-21 16:48:23.656 (UTC+0200)] error/client	Opening a secure channel failed
    [2021-07-21 16:48:23.656 (UTC+0200)] error/client	Couldn't connect the client to a TCP secure channel
    qt.opcua.plugins.open62541: Open62541: Failed to connect
    Client error changed QOpcUaClient::UnknownError
    Client state changed QOpcUaClient::Disconnected
    

    The interesting thing is that when im coping the client certificate from another application (UaExpert) into my pki location I can connect to the servers with encryption enabled. I tested this with multiple upcua demo server in this list and always got the described results: https://github.com/node-opcua/node-opcua/wiki/publicly-available-OPC-UA-Servers-and-Clients

    Is that behavior the result of missing/incomplete encryption-support of QtOpcUa with the open62541 backend or is something wrong with my certificates?


  • Lifetime Qt Champion

    Hi
    I think its something with the QtOpcUa plugin as when I tried using open62541 API directly it worked but
    I was not able to get working using the Qt API.
    But I didn't find out why exactly and for my use case, using the native API was ok.

    If you dont get any answers here I would ask on the mailing list.
    https://lists.qt-project.org/


Log in to reply