Create java a opc client using milo with an OPC UA Server with secure connection

Question

I am trying to create a opc ua client with java using milo library. I need to connect with an OPC Server which uses http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256 Security Policy in addition i need to authenticate the user with certificates.

I am having the following error in the client "The user identity token is valid but the server has rejected it" which corresponds with the opc ua error "UA_SCBADIDENTITYTOKENREJECTED 0x80210000". I can look for the server information and i have the following log information "Verification of UserTokenSignature failed".

I have investigate the topic and it seems that the UserTokenSignature has not been created properly, I think that it could be because of the nonce, but i am not sure, i have had a look to the wireshark information and in the startup of the communication the client does not include any nonce.

I do not know if it is necessary to configure any property in the client to include the nonce, i think that it should be included automatically.

Maybe the "Verification of UserTokenSignature failed" error is caused because of an error in the certificates, i do not know, but i have tested the connection with UA Expert and it works properly.

Answer 1

You shouldn't have to do anything with nonces or signing; this is all handled by the SDK.

What server are you connecting to? Does it happen if you connect without security? You've configured an X509IdentityProvider for your client?