Security issue while connecting with an OPC UA Server

8 views (last 30 days)
Hi everyone,
I set up an OPC UA Server without any username and password authentication.
But I have to use a MessageSecurityMode and a ChannelSecurityPolicy.
While connecting with the OPC UA Server matlab throws an error regarding the security.
I checked the port with telnet and it is open.
With older matlab versions (I tested 2018b and 2019b) I am able to connect to the OPC UA Server withour error messages.
What am I doing wrong?
Thanks in adavance!
Chris

Accepted Answer

Shubham
Shubham on 26 Sep 2023
Hi,
I understand you are getting an error regarding verifying security when you are trying to connect the client to OPCUA Server.
This indicates that there was a problem during the verification of security measures while establishing a secure connection between a client and a server. This error typically occurs during the security handshake process, where the client and server exchange security information and validate each other's credentials.
There can be various reasons for this error message, including:
  1. Certificate Issues: It could be due to problems with the X.509 certificates used for authentication. This may include expired or revoked certificates, mismatched certificates between the client and server, or certificates that are not trusted by the server (a common cause).
  2. Security Policy Mismatch: The client and server may have different security policies configured, and they are unable to negotiate a compatible security policy during the handshake process.
  3. Incorrect Security Configuration: There might be an error or misconfiguration in the security settings of either the client or the server. This could include incorrect encryption algorithms, invalid security modes, or unsupported security features.
  4. Network or Connectivity Issues: The error could also be caused by network problems, such as a firewall blocking communication or connectivity issues between the client and server.
Fix:
1. Verify the Certificates: Ensure that the certificates being used are valid, trusted, and properly configured on both the client and server sides.You need to manually mark MATLAB's application instance certificate as trusted by:
  • Going to the "Certificates" tab in the server's UI > right-clicking the corresponding certificate > and selecting the "Trust" option.
  • Some servers do not have a UI way to do this. In such cases, you need to manually copy the certificates (user identity or application instance) from the "rejected" folder to the "certs"/"trusted" folder of the server's certificate store.
2. Check security policies: Confirm that the client and server have compatible security policies configured. Adjust the security policies if necessary.
3. Review security settings: Double-check the security settings on both the client and server to ensure they are correctly configured and match each other.
4. Check network connectivity: Ensure that there are no network issues or firewalls blocking the communication between the client and server.
Hope this helps.

More Answers (0)

Products


Release

R2021b

Community Treasure Hunt

Find the treasures in MATLAB Central and discover how the community can help you!

Start Hunting!