search

OPCFoundation / UA-.NETStandard

OPC Unified Architecture .NET Standard
Other
1.95k stars 945 forks source link

Cannot make Aggregation Server Sample work #526

Closed cpipero closed 6 years ago

cpipero commented 6 years ago

I have been fighting with these for a few days on and off.

I could not find specific instructions on how to configure the Aggregation Server to talk to other servers. I figured I'd add settings to the Quickstarts.AggregationServer.Config.xml file.

The one place that made sense was in the Extensions section within the ConfiguredEndpointsCollection.

Here's an excerpt of my current file:

  <Extensions>
    <ua:XmlElement>
      <ua:ConfiguredEndpointCollection
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        xmlns="http://opcfoundation.org/UA/2008/02/Types.xsd"
        xmlns:ua="http://opcfoundation.org/UA/SDK/Configuration.xsd">
        <ua:KnownHosts />
        <ua:Endpoints>
          <ua:ConfiguredEndpoint>
            <ua:Endpoint>
              <EndpointUrl>opc.tcp://localhost:51210/UA/SampleServer</EndpointUrl>
              <SecurityMode>SignAndEncrypt_3</SecurityMode>
              <SecurityPolicyUri>http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256</SecurityPolicyUri>
              <UserIdentityTokens>
                <UserTokenPolicy>
                  <TokenType>Anonymous_0</TokenType>
                </UserTokenPolicy>
                <UserTokenPolicy>
                  <TokenType>UserName_1</TokenType>
                </UserTokenPolicy>
                <UserTokenPolicy>
                  <TokenType>Certificate_2</TokenType>
                </UserTokenPolicy>
              </UserIdentityTokens>
              <TransportProfileUri>http://opcfoundation.org/UA/profiles/transport/wsxmlorbinary</TransportProfileUri>
            </ua:Endpoint>

            <ua:UpdateBeforeConnect>true</ua:UpdateBeforeConnect>
            <ua:SelectedUserTokenPolicy>0</ua:SelectedUserTokenPolicy>
          </ua:ConfiguredEndpoint>
          <ua:ConfiguredEndpoint>
            <ua:Endpoint>
              <EndpointUrl>opc.tcp://localhost:61210/UA/SampleClient</EndpointUrl>
              <SecurityMode>SignAndEncrypt_3</SecurityMode>
              <SecurityPolicyUri>http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256</SecurityPolicyUri>
              <UserIdentityTokens>
                <UserTokenPolicy>
                  <TokenType>Anonymous_0</TokenType>
                </UserTokenPolicy>
                <UserTokenPolicy>
                  <TokenType>UserName_1</TokenType>
                </UserTokenPolicy>
                <UserTokenPolicy>
                  <TokenType>Certificate_2</TokenType>
                </UserTokenPolicy>
              </UserIdentityTokens>
              <TransportProfileUri>http://opcfoundation.org/UA/profiles/transport/wsxmlorbinary</TransportProfileUri>
            </ua:Endpoint>
            <ua:UpdateBeforeConnect>true</ua:UpdateBeforeConnect>
            <ua:SelectedUserTokenPolicy>0</ua:SelectedUserTokenPolicy>
          </ua:ConfiguredEndpoint>

          <!---COS -->

          <ua:Endpoint>
              <EndpointUrl>opc.tcp://myLocalMachine:48010</EndpointUrl>
              <SecurityMode>None_1</SecurityMode>
              <SecurityPolicyUri>http://opcfoundation.org/UA/SecurityPolicy#None</SecurityPolicyUri>
              <TransportProfileUri>http://opcfoundation.org/UA/profiles/transport/wsxmlorbinary</TransportProfileUri>
            </ua:Endpoint>

          <ua:Endpoint>
              <EndpointUrl>opc.tcp://myLocalMachine:48020</EndpointUrl>
              <SecurityMode>None_1</SecurityMode>
              <SecurityPolicyUri>http://opcfoundation.org/UA/SecurityPolicy#None</SecurityPolicyUri>
              <TransportProfileUri>http://opcfoundation.org/UA/profiles/transport/wsxmlorbinary</TransportProfileUri>
            </ua:Endpoint>
          </ua:ConfiguredEndpoint>
           <!--END -->
        </ua:Endpoints>
      </ua:ConfiguredEndpointCollection>
    </ua:XmlElement>
  </Extensions>

I can see in Debug that those Endpoints are added correctly in the server by breaking at line 71 of AggregationServer.cs where it loops through all those found in configuration.

But the client just enumerates a few Root folders (as many as the servers that I aggregate` but returns an error if I try browsing.

Here's a relevant chunk of the AggregationServer.log.txt file:

8/26/2018 08:21:40.941 SECURE CHANNEL CREATED [.NetStandard ClientChannel UA-TCP 1.4.354.0] [ID=77] Connected To: opc.tcp://myLocalMachine:4840/ [None/None/Binary]
8/26/2018 08:21:40.958 Token #1 activated. CreatedAt = 15:21:40.809 . Lifetime = 3600000
8/26/2018 08:21:41.394 Channel 77 in Open state.
8/26/2018 08:21:41.454 Channel 77: Close
8/26/2018 08:21:41.471 Channel 77 in Closing state.
8/26/2018 08:21:41.471 Channel 77: SendCloseSecureChannelRequest()
8/26/2018 08:21:41.494 Channel 0 in Closed state.
8/26/2018 08:21:41.523 CLIENTCHANNEL SOCKET CLOSED: 0018ECF8, ChannelId=77
8/26/2018 08:21:41.536 Channel 0 in Connecting state.
8/26/2018 08:21:41.539 Channel 0: SendHelloMessage()
8/26/2018 08:21:41.556 Channel 0: ProcessAcknowledgeMessage()
8/26/2018 08:21:41.573 Channel 0 in Opening state.
8/26/2018 08:21:41.573 Token #0 created. CreatedAt = 15:21:41.573 . Lifetime = 3600000
8/26/2018 08:21:41.597 Channel 0: ProcessOpenSecureChannelResponse()
8/26/2018 08:21:41.604 Security Policy: http://opcfoundation.org/UA/SecurityPolicy#None
8/26/2018 08:21:41.611 Sender Certificate: (none)
8/26/2018 08:21:41.618 SECURE CHANNEL CREATED [.NetStandard ClientChannel UA-TCP 1.4.354.0] [ID=79] Connected To: opc.tcp://myLocalMachine:4840/ [None/None/Binary]
8/26/2018 08:21:41.627 Token #1 activated. CreatedAt = 15:21:41.573 . Lifetime = 3600000
8/26/2018 08:21:41.633 Channel 79 in Open state.
8/26/2018 08:21:41.641 Channel 79: ProcessErrorMessage(BadServiceUnsupported 'Error received from remote host: ')
8/26/2018 08:21:41.641 Channel 0 in Closed state.
8/26/2018 08:21:41.695 CLIENTCHANNEL SOCKET CLOSED: 01620282, ChannelId=79
8/26/2018 08:21:41.715 Create session failed with client certificate NULL. BadSecureChannelClosed
8/26/2018 08:21:41.724 Channel 0 in Connecting state.
8/26/2018 08:21:41.855 Channel 0: SendHelloMessage()
8/26/2018 08:21:41.893 Channel 0: ProcessAcknowledgeMessage()
8/26/2018 08:21:41.926 Channel 0: Close
8/26/2018 08:21:41.926 Channel 0: Close
8/26/2018 08:21:41.969 Channel 0 in Opening state.
8/26/2018 08:21:42.029 Channel 0 in Closed state.
8/26/2018 08:21:42.041 Channel 0 in Closed state.
8/26/2018 08:21:42.041 Token #0 created. CreatedAt = 15:21:42.041 . Lifetime = 3600000
8/26/2018 08:21:42.041 CLIENTCHANNEL SOCKET CLOSED: FFFFFFFF, ChannelId=0
8/26/2018 08:21:42.057 CLIENTCHANNEL SOCKET CLOSED: FFFFFFFF, ChannelId=0
8/26/2018 08:21:42.075 Channel 0: ProcessOpenSecureChannelResponse()
8/26/2018 08:21:42.111 Could not connect to server. AggregateException 'One or more errors occurred.'
8/26/2018 08:21:42.119 Security Policy: http://opcfoundation.org/UA/SecurityPolicy#None
8/26/2018 08:21:42.130 Could not connect to server. AggregateException 'One or more errors occurred.'
8/26/2018 08:21:42.138 Sender Certificate: (none)
8/26/2018 08:21:42.155 SECURE CHANNEL CREATED [.NetStandard ClientChannel UA-TCP 1.4.354.0] [ID=80] Connected To: opc.tcp://myLocalMachine:4840/ [None/None/Binary]
8/26/2018 08:21:42.155 Token #1 activated. CreatedAt = 15:21:42.041 . Lifetime = 3600000
8/26/2018 08:21:42.172 Channel 80 in Open state.
8/26/2018 08:21:42.172 Channel 80: ProcessErrorMessage(BadServiceUnsupported 'Error received from remote host: ')
8/26/2018 08:21:42.196 Channel 0 in Closed state.
8/26/2018 08:21:42.235 CLIENTCHANNEL SOCKET CLOSED: 002BB577, ChannelId=80
8/26/2018 08:21:42.337 Could not connect to server. AggregateException 'One or more errors occurred.'

You can see that the certs go through (I think) but then it closes....

If there is any instruction (that I cannot find) on how to do this right, it'll help me tremendously. Thanks

Cos

cpipero commented 6 years ago

Quick update, it's working with the UA Sample Server. It might be that I need security enabled on the others as well...

cpipero commented 6 years ago

I got it working. 👍

My XML config file was misconfigured. Here's a template from the '' section of the file.

I would not mind volunteering to add a detailed step-to-step explanation in the README of this sample for people to understand better. Let me know how.

<Extensions>
    <ua:XmlElement>
      <ua:ConfiguredEndpointCollection
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        xmlns="http://opcfoundation.org/UA/2008/02/Types.xsd"
        xmlns:ua="http://opcfoundation.org/UA/SDK/Configuration.xsd">
        <ua:KnownHosts />
        <ua:Endpoints>
          <ua:ConfiguredEndpoint>
            <ua:Endpoint>
              <!-- THIS USES THE SAMPLE SERVER THAT COMES WITH THE SAMPLES -->
              <EndpointUrl>opc.tcp://localhost:51210/UA/SampleServer</EndpointUrl>
              <SecurityMode>SignAndEncrypt_3</SecurityMode>
              <SecurityPolicyUri>http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256</SecurityPolicyUri>
              <UserIdentityTokens>
                <UserTokenPolicy>
                  <TokenType>Anonymous_0</TokenType>
                </UserTokenPolicy>
                <UserTokenPolicy>
                  <TokenType>UserName_1</TokenType>
                </UserTokenPolicy>
                <UserTokenPolicy>
                  <TokenType>Certificate_2</TokenType>
                </UserTokenPolicy>
              </UserIdentityTokens>
              <TransportProfileUri>http://opcfoundation.org/UA/profiles/transport/wsxmlorbinary</TransportProfileUri>
            </ua:Endpoint>
            <ua:UpdateBeforeConnect>true</ua:UpdateBeforeConnect>
            <ua:SelectedUserTokenPolicy>0</ua:SelectedUserTokenPolicy>
          </ua:ConfiguredEndpoint>

          <!-- HERE YOU CONFIGURE OTHER SERVERS -->
          <ua:ConfiguredEndpoint>
            <ua:Endpoint>
              <EndpointUrl>opc.tcp://[HOSTNAME1]:[PORT]</EndpointUrl>
              <SecurityMode>SignAndEncrypt_3</SecurityMode>
              <SecurityPolicyUri>http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256</SecurityPolicyUri>
              <UserIdentityTokens>
                <UserTokenPolicy>
                  <TokenType>Anonymous_0</TokenType>
                </UserTokenPolicy>
                <UserTokenPolicy>
                  <TokenType>UserName_1</TokenType>
                </UserTokenPolicy>
                <UserTokenPolicy>
                  <TokenType>Certificate_2</TokenType>
                </UserTokenPolicy>
              </UserIdentityTokens>
              <TransportProfileUri>http://opcfoundation.org/UA/profiles/transport/wsxmlorbinary</TransportProfileUri>
            </ua:Endpoint>
            <ua:UpdateBeforeConnect>true</ua:UpdateBeforeConnect>
            <ua:SelectedUserTokenPolicy>0</ua:SelectedUserTokenPolicy>
          </ua:ConfiguredEndpoint>

        <ua:ConfiguredEndpoint>
            <ua:Endpoint>
              <EndpointUrl>opc.tcp://l[HOSTNAME2]:[PORT]</EndpointUrl>
              <SecurityMode>SignAndEncrypt_3</SecurityMode>
              <SecurityPolicyUri>http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256</SecurityPolicyUri>
              <UserIdentityTokens>
                <UserTokenPolicy>
                  <TokenType>Anonymous_0</TokenType>
                </UserTokenPolicy>
                <UserTokenPolicy>
                  <TokenType>UserName_1</TokenType>
                </UserTokenPolicy>
                <UserTokenPolicy>
                  <TokenType>Certificate_2</TokenType>
                </UserTokenPolicy>
              </UserIdentityTokens>
              <TransportProfileUri>http://opcfoundation.org/UA/profiles/transport/wsxmlorbinary</TransportProfileUri>
            </ua:Endpoint>
            <ua:UpdateBeforeConnect>true</ua:UpdateBeforeConnect>
            <ua:SelectedUserTokenPolicy>0</ua:SelectedUserTokenPolicy>
          </ua:ConfiguredEndpoint>

        </ua:Endpoints>
      </ua:ConfiguredEndpointCollection>
    </ua:XmlElement>
  </Extensions>