FreeOpcUa / opcua-asyncio

OPC UA library for python >= 3.7
GNU Lesser General Public License v3.0

Can't connect to OPC server #1512

Open MatheusDemoner opened 11 months ago

MatheusDemoner commented 11 months ago

To save some time, please provide us with the following information, if possible:

Describe the bug
I'm trying to connect as a client to a sha256, Sign&Encrypt server and the server administrator needs to trust my cert. I'm getting this error:

> error parsing asn1 value: ParseError { kind: InvalidValue, location: ["AuthorityKeyIdentifier::authority cert serial number"] }

To Reproduce
Steps to reproduce the behavior incl code:

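```python
import socket
from pathlib import Path

import asyncua
from asyncua.crypto.cert_gen import setup_self_signed_certificate
from asyncua.crypto.security_policies import SecurityPolicyBasic256
from asyncua.crypto.validator import CertificateValidator, CertificateValidatorOptions
from cryptography.x509.oid import ExtendedKeyUsageOID


async def connect(url):
    # url is the server endpoint; it is defined outside the posted snippet
    cert_base = Path(__file__).parent

    cert = Path(cert_base / "my_cert.der")
    private_key = Path(cert_base / "my_private_key.pem")
    host_name = socket.gethostname()
    client_app_uri = f"urn:{host_name}:aignosi:sientia"

    # Set up the self-signed client certificate and its private key
    await setup_self_signed_certificate(private_key,
                                        cert,
                                        client_app_uri,
                                        host_name,
                                        [ExtendedKeyUsageOID.CLIENT_AUTH],
                                        {
                                            'countryName': 'BR',
                                            'stateOrProvinceName': 'MG',
                                            'localityName': 'Belo Horizonte',
                                            'organizationName': "My Company",
                                            'emailAddress': 'myemail@hotmail.com'
                                        })

    # return a new connection
    connection = asyncua.Client(url, watchdog_intervall=300)
    connection.application_uri = client_app_uri
    await connection.set_security(
        SecurityPolicyBasic256,
        certificate=str(cert),
        private_key=str(private_key),
        # server_certificate="certificate-example.der"
    )

    # Validate the server (peer) certificate, including extension checks
    connection.certificate_validator = CertificateValidator(
        CertificateValidatorOptions.EXT_VALIDATION | CertificateValidatorOptions.PEER_SERVER
    )

    await connection.connect()
```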

asyncua==1.0.5 Python 3.11

Thanks

kwisii commented 11 months ago

Did you try SecurityPolicyBasic256Sha256 instead of SecurityPolicyBasic256 when calling await connection.set_security?