Search code examples
c#configurationconnectionopc-uaopc

Opc.Ua "ServiceResultException: Endpoint does not support the user identity type provided." but Security Level is None

I'm trying to connect to a server with my C# application using the Opc.Ua Foundation library, but I'm getting:

System.AggregateException: 'One or more errors occurred. (Endpoint does not support the user identity type provided.)'

Server security is set to None.

Here's my code:

// Generate a client application
ApplicationInstance application = new ApplicationInstance();
application.ApplicationType = ApplicationType.Client;
// Load the configuration file
application.LoadApplicationConfiguration(@"path_to_file.xml", false).Wait();
ApplicationConfiguration m_configuration = application.ApplicationConfiguration;


// Get the endpoint 
EndpointDescription endpointDescription = new EndpointDescription("opc.tcp://192.168.0.213:4840/");
EndpointConfiguration endpointConfiguration = EndpointConfiguration.Create(m_configuration);
ConfiguredEndpoint endpoint = new ConfiguredEndpoint(null, endpointDescription, endpointConfiguration);

// Create the session
_uaSession = Session.Create(
m_configuration, endpoint, false, false, m_configuration.ApplicationName, (uint)m_configuration.ClientConfiguration.DefaultSessionTimeout, new UserIdentity(), null)
                    .Result;

This is how the endpoint description looks like: endpoint description

Here's the endpoint configuration: enpoint configuration

This is the configuration loaded: client configuration security configuration details

Solution

  • You need to get the endpointDescription by using

    CoreClientUtils.SelectEndpoint(endpointurl, security); security (use certificates) is a bool

    I made an example code for you:

    var config = new ApplicationConfiguration()
        {
            ApplicationName = "MyClient",
            ApplicationUri = Utils.Format(@"urn:{0}:MyClient", System.Net.Dns.GetHostName()),
            ApplicationType = ApplicationType.Client,
            SecurityConfiguration = new SecurityConfiguration
            {
                ApplicationCertificate = new CertificateIdentifier { StoreType = @"Directory", StorePath = @"%CommonApplicationData%\OPC Foundation\CertificateStores\MachineDefault", SubjectName = "MyClientSubjectName" },
                TrustedIssuerCertificates = new CertificateTrustList { StoreType = @"Directory", StorePath = @"%CommonApplicationData%\OPC Foundation\CertificateStores\UA Certificate Authorities" },
                TrustedPeerCertificates = new CertificateTrustList { StoreType = @"Directory", StorePath = @"%CommonApplicationData%\OPC Foundation\CertificateStores\UA Applications" },
                RejectedCertificateStore = new CertificateTrustList { StoreType = @"Directory", StorePath = @"%CommonApplicationData%\OPC Foundation\CertificateStores\RejectedCertificates" },
                AutoAcceptUntrustedCertificates = true
            },
            TransportConfigurations = new TransportConfigurationCollection(),
            TransportQuotas = new TransportQuotas { OperationTimeout = 15000 },
            ClientConfiguration = new ClientConfiguration { DefaultSessionTimeout = 60000 },
            TraceConfiguration = new TraceConfiguration()
        };
        config.Validate(ApplicationType.Client).GetAwaiter().GetResult();

        if (config.SecurityConfiguration.AutoAcceptUntrustedCertificates)
        {
            config.CertificateValidator.CertificateValidation += (s, e) => { e.Accept = (e.Error.StatusCode == StatusCodes.BadCertificateUntrusted); };
        }

        var application = new ApplicationInstance
        {
            ApplicationName = "MyClient",
            ApplicationType = ApplicationType.Client,
            ApplicationConfiguration = config
        };

        application.CheckApplicationInstanceCertificate(false, 2048).GetAwaiter().GetResult();

        EndpointDescription endpointDescription = CoreClientUtils.SelectEndpoint("opc.tcp://192.168.54.200:4840/", false);
        EndpointConfiguration endpointConfiguration = EndpointConfiguration.Create(config);
        ConfiguredEndpoint endpoint = new ConfiguredEndpoint(null, endpointDescription, endpointConfiguration);

        UserIdentity user = new UserIdentity();
        bool useCredentials = false;
        if (useCredentials)
        {
            user = new UserIdentity("admin", "admin");
        }

        // Sets whether or not the discovery endpoint is used to update the endpoint description before connecting.
        bool updateBeforeConnect = false;

        // Sets whether or not the domain in the certificate must match the endpoint used
        bool checkDomain = false;

        // The name to assign to the session
        string sessionName = config.ApplicationName;

        // The session's timeout interval
        uint sessionTimeout = 60000;

        // List of preferred locales
        List<string> preferredLocales = null;

        // Create the session
        Session session = Session.Create(
                    config,
                    endpoint,
                    updateBeforeConnect,
                    checkDomain,
                    sessionName,
                    sessionTimeout,
                    user,
                    preferredLocales
                ).Result;

        if (session != null && session.Connected)
        {
            Console.WriteLine("connected");
        }
    }

    You might need to change some things, but this is the basics. You don't use certificates here (you do if you change the security to true). On my profile are some questions which answer more about certificates. Also make sure you can access you OPC ua server (I guess yours is siemens because of the port) is open for guest authentication en no security(certificates) You can change this in tia portal -> plc settings -> opc ua server settings

    EDIT: You can also use a xml file (like you are doing right now). If you do that you don't need my code above EndpointDescription endpointDescription