Danh Vo

Issue when using PLC S7-1500 as OPC UA client to connect with OPC UA server having certificate

1 post in this topic

Dear all,

I'd like to get your support on the issue with OPC UA certificate.

My OPC UA server has been built with Node.js. The PLC S7-1500 (firmware v2.9) acts as OPC UA client.

It works well without a certificate, but when I use a certificate, there are 2 situations:

1. When connecting using "Online access" (see attachment) in "OPCUA Communication >> Client interfaces", I can connect with the certificate (after I export and copy the PLC's certificate to the trusted folder of the server). --> server is ok.

2. When coding and running with the real PLC: it can't connect, there is not even a PLC certificate in the rejected folder of the server, and there is no error; the Status of block "OPC UA Connect DB" is still 16#0000_0000.

What I did with the certificate in TIA Portal (V17):

- Enabled the Global security setting for the certificate manager

- Created (and tested with) both a self-signed certificate and a CA certificate for the PLC

- Added the server's certificate to the trusted list in "Certificate manager" of TIA Portal (also added to the "Certificate of the partner devices" in Device config)

- In "OPCUA Communication >> Client interfaces", chose the Security Mode/Policy and the PLC's certificate (already tried with and without this setting)

From my point of view, the problem is that the PLC received the certificate but somehow didn't read it correctly or didn't compare it with the certificate in the trusted list, because if the PLC did this step, it should send its certificate to (the rejected folder of) the server.

Could anyone help me to solve this issue? Thank you in advance.

 

[Update]

1. The PLC throws the error code 16#8016_0000 (BadCertificateHostNameInvalid/The HostName used to connect to a Server does not match a HostName in the Certificate - as I found on Google), but it happens very quickly, so I could not see this behavior at the beginning.

2. I have tested with UA Expert and I can connect without any problem/warning. So, I am highly confident that the problem comes from the PLC.

---------- 

Best regards,

Danh Vo

Can connect to OPC UA server with Online access mode.png

Edited by Danh Vo
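
The error code quoted in the update describes a mismatch between the host in the endpoint URL and the host names in the server certificate. As an added example (not part of the original post), this Node.js code compares the two; the SAN text, host names and address are constructed sample values, written in the format of the `subjectAltName` property of Node's `crypto.X509Certificate`.

```javascript
// Added example: does the host a client connects to appear in the server
// certificate's subjectAltName (SAN)? Sample values below are constructed.
const SAMPLE_SAN = 'URI:urn:example:opcua-server, DNS:opcua-server';

// Split SAN text such as "DNS:a, IP Address:1.2.3.4, URI:urn:x" by entry type.
// Assumption: no entry value contains a comma.
function parseSan(sanText) {
  const san = { dns: [], ip: [], uri: [] };
  for (const part of sanText.split(',')) {
    const entry = part.trim();
    const idx = entry.indexOf(':');
    if (idx < 0) continue;
    const type = entry.slice(0, idx);
    const value = entry.slice(idx + 1).trim();
    if (type === 'DNS') san.dns.push(value.toLowerCase());
    else if (type === 'IP Address') san.ip.push(value.toLowerCase());
    else if (type === 'URI') san.uri.push(value);
  }
  return san;
}

// Host part of an endpoint URL such as opc.tcp://host:4840/path.
function endpointHost(endpointUrl) {
  const host = new URL(endpointUrl).hostname.toLowerCase();
  return host.replace(/^\[|\]$/g, ''); // strip IPv6 brackets
}

// IPv6 is detected by ':' and compared as text only, so differently
// abbreviated forms of the same address will not match.
function isIpLiteral(host) {
  return /^\d{1,3}(\.\d{1,3}){3}$/.test(host) || host.includes(':');
}

// An IP literal must appear as an "IP Address" entry and a name as a "DNS"
// entry; an address does not match a DNS entry or the other way round.
function checkEndpointHost(endpointUrl, sanText) {
  const san = parseSan(sanText);
  const host = endpointHost(endpointUrl);
  const kind = isIpLiteral(host) ? 'ip' : 'dns';
  return { host, kind, match: san[kind].includes(host), candidates: san[kind] };
}

// Connecting by address to a certificate that only lists a DNS name:
console.log(checkEndpointHost('opc.tcp://192.168.0.10:4840/UA/Server', SAMPLE_SAN));
// Connecting by the listed name:
console.log(checkEndpointHost('opc.tcp://OPCUA-Server:4840/UA/Server', SAMPLE_SAN));
```

To run it against a real server certificate, pass the `subjectAltName` string of that certificate and the exact endpoint URL configured in the client.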
