Connecting with all Security None to opcplc 2.5.0 running in EFLOW VM form host system fails
See original GitHub issueThis issue is for a: (mark with an x
)
- [x] bug report -> please search issues before submitting
- [ ] feature request
- [ ] documentation issue or request
- [ ] regression (a behavior that used to work and stopped in a new release)
Minimal steps to reproduce
Run OPpcPlc 2.5.0 in EFLOW with the following settings:
"opcplc1": {
"settings": {
"image": "localhost:5500/opc-plc:2.5.0",
"createOptions": {
"Hostname": "opcplc1",
"Cmd": [
"--sph",
"--aa",
"--unsecuretransport",
"--fr=1",
"--sr=2",
"--ph=opcplc1",
"--to"
],
"ExposedPorts": {
"50000/tcp": {},
"8080/tcp": {}
},
"HostConfig": {
"Mounts": [
{
"Type": "volume",
"Target": "/appdata",
"Source": "opcplc1",
"Consistency": "consistent",
"RW": true
}
],
"PortBindings": {
"50000/tcp": [
{
"HostPort": "50000"
}
],
"8080/tcp": [
{
"HostPort": "8080"
}
]
}
}
}
},
"env": {
"BypassCertVerification": {
"value": "true"
},
"AutoAcceptUntrustedCertificates": {
"value": "true"
}
},
"type": "docker",
"version": "1.0",
"status": "running",
"restartPolicy": "always",
"startupOrder": 2
},
Get the EFLOW-VM IP-Address
Get-EflowVmAddr
- Virtual machine IP : 172.27.71.63 retrieved directly from virtual machine
Use an OPC UA Client such as Softing dataFEED OPC UA Client: Endpoint URL: opc.tcp://172.27.71.63:50000 Security Mode: None Secuity Policy: None Message Encoding: Binary
Try to connect from the client with the settings above fails with error:
Any log messages given by the failure
Error in Client:
2022-10-06 19:36:17.729 [17], TraceMask:Error, Message: BadCertificateHostNameInvalid ObjectId: SessionConnectViewModel BadCertificateHostNameInvalid 'BadCertificateHostNameInvalid'
2022-10-06 19:36:17.729 [17], TraceMask:Error, Message: ClientSession.InternalConnect - Session Connect error BadCertificateHostNameInvalid 'BadCertificateHostNameInvalid'
docker logs opcplc1 in EFLOW VM:
[17:36:16 ERR] OPC: Certificate rejected. Reason=CN=OpcPlc. [CN=OpcPlc] [BB1A26C8C5CFC4A348A660D70478107CCE9ACE47]
[17:36:16 ERR] OPC: 10/06/2022 17:36:16.487 Certificate rejected. Reason=Opc.Ua.ServiceResultException: The domain '172.27.71.63' is not listed in the server certificate.. [CN=OpcPlc] [BB1A26C8C5CFC4A348A660D70478107CCE9ACE47]
[17:36:16 ERR] OPC: Server - SESSION CREATE failed. The domain '172.27.71.63' is not listed in the server certificate.
[17:36:16 ERR] OPC: 10/06/2022 17:36:16.488 Server - SESSION CREATE failed. The domain '172.27.71.63' is not listed in the server certificate.
[17:36:16 ERR] OPC: SERVER - Service Fault Occurred. Reason=BadCertificateHostNameInvalid
[17:36:16 ERR] OPC: 10/06/2022 17:36:16.488 SERVER - Service Fault Occurred. Reason=BadCertificateHostNameInvalid
[17:36:16 ERR] OPC: Certificate rejected. Reason=CN=OpcPlc. [CN=OpcPlc] [BB1A26C8C5CFC4A348A660D70478107CCE9ACE47]
[17:36:16 ERR] OPC: 10/06/2022 17:36:16.490 Certificate rejected. Reason=Opc.Ua.ServiceResultException: The domain '172.27.71.63' is not listed in the server certificate.. [CN=OpcPlc] [BB1A26C8C5CFC4A348A660D70478107CCE9ACE47]
[17:36:16 ERR] OPC: Server - SESSION CREATE failed. The domain '172.27.71.63' is not listed in the server certificate.
[17:36:16 ERR] OPC: 10/06/2022 17:36:16.493 Server - SESSION CREATE failed. The domain '172.27.71.63' is not listed in the server certificate.
[17:36:16 ERR] OPC: SERVER - Service Fault Occurred. Reason=BadCertificateHostNameInvalid
[17:36:16 ERR] OPC: 10/06/2022 17:36:16.494 SERVER - Service Fault Occurred. Reason=BadCertificateHostNameInvalid
Expected/desired behavior
With Opc-Plc 2.2.0 the and the exact same deployment template a connection with None/None form outside works. Therefore I expect that it would work the same with version 2.5.0 as with 2.2.0.
OS and Version?
Windows 11 and EFLOW 1.3.0
Versions
iotedge version 1.3.0 or 1.4.0 tested opcplc 2.5.0
Mention any other details that might be useful
- Connection with none inside the VM works.
- Connecting using SignAndEncrypt from Host to opcplc 2.5.0 in VM works as well.
Issue Analytics
- State:
- Created a year ago
- Reactions:1
- Comments:5
Top Results From Across the Web
Eflow machine running inside Azure VM can't connect to ...
Eflow machine running inside Azure VM can't connect to hub with static ip allocation with internal switch #221.
Read more >Common issues and resolutions for Azure IoT Edge ...
Use this article to resolve common issues encountered when deploying an IoT Edge for Linux on Windows (EFLOW) solution.
Read more >EFLOW and IP Address Failure - azure
1 Answer. I found out the problem, I had connected via SSH to too many devices, and there is a limit in the...
Read more >Release announcements
We are pleased to announce the release of version 2.9.0 of OPC Publisher. This release adds several new features including support for reverse...
Read more >Connect Edge Devices to Microsoft Azure* IoT
Configure config.yaml for secure connection with connection string. Restart the IoT Edge daemon. Set module in Azure portal and then deploy.
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Fixed with the new option
--cdn
.Add feature #181