If the certificates are wrong that I put in the OpcUaClientConfigBuilder then the error comes inifinitly which makes the traffic on the opcua server.
After some time the number of connections are that huge that the data is not coming for the client that is successfully connected due to the traffic in the server.
The error is:
Failed to connect to OPC UA server.
2024-03-15 16:03:51.467 INFO 2300133 --- [nio-9002-exec-3] com.neos.opcua.service.OpcuaService : Failed to connect to OPCUA server
java.util.concurrent.ExecutionException: java.lang.RuntimeException: Failed to connect to OPC UA server.
2024-03-15 16:03:51.467 INFO 2300133 --- [nio-9002-exec-3] com.neos.opcua.service.OpcuaService : Close connection
2024-03-15 16:03:51.467 INFO 2300133 --- [nio-9002-exec-3] com.neos.opcua.service.OpcuaService : client org.eclipse.milo.opcua.sdk.client.OpcUaClient@469472c4
2024-03-15 16:03:51.467 INFO 2300133 --- [nio-9002-exec-3] com.neos.opcua.Handler.OpcuaHandler : Client is disconnected.
2024-03-15 16:03:52.480 ERROR 2300133 --- [ty-event-loop-8] m.o.s.c.t.u.UascClientAcknowledgeHandler : [remote=/ip:port] Received error message: ErrorMessage{error=StatusCode{name=Bad_SecurityChecksFailed, value=0x80130000, quality=bad}, reason=[BadSecurityChecksFailed]}
2024-03-15 16:03:54.497 ERROR 2300133 --- [ty-event-loop-9] m.o.s.c.t.u.UascClientAcknowledgeHandler : [remote=/ip:port] Received error message: ErrorMessage{error=StatusCode{name=Bad_SecurityChecksFailed, value=0x80130000, quality=bad}, reason=[BadSecurityChecksFailed]}
2024-03-15 16:03:58.512 ERROR 2300133 --- [y-event-loop-10] m.o.s.c.t.u.UascClientAcknowledgeHandler : [remote=ip:port] Received error message: ErrorMessage{error=StatusCode{name=Bad_SecurityChecksFailed, value=0x80130000, quality=bad}, reason=[BadSecurityChecksFailed]}
2024-03-15 16:04:06.528 ERROR 2300133 --- [y-event-loop-11] m.o.s.c.t.u.UascClientAcknowledgeHandler : [remote=/ip:port] Received error message: ErrorMessage{error=StatusCode{name=Bad_SecurityChecksFailed, value=0x80130000, quality=bad}, reason=[BadSecurityChecksFailed]}
2024-03-15 16:04:22.543 ERROR 2300133 --- [y-event-loop-12] m.o.s.c.t.u.UascClientAcknowledgeHandler : [remote=/ip:port] Received error message: ErrorMessage{error=StatusCode{name=Bad_SecurityChecksFailed, value=0x80130000, quality=bad}, reason=[BadSecurityChecksFailed]}
2024-03-15 16:04:38.567 ERROR 2300133 --- [y-event-loop-13] m.o.s.c.t.u.UascClientAcknowledgeHandler : [remote=/ip:port] Received error message: ErrorMessage{error=StatusCode{name=Bad_SecurityChecksFailed, value=0x80130000, quality=bad}, reason=[BadSecurityChecksFailed]}
2024-03-15 16:04:54.582 ERROR 2300133 --- [y-event-loop-14] m.o.s.c.t.u.UascClientAcknowledgeHandler : [remote=/ip:port] Received error message: ErrorMessage{error=StatusCode{name=Bad_SecurityChecksFailed, value=0x80130000, quality=bad}, reason=[BadSecurityChecksFailed]}
2024-03-15 16:05:10.599 ERROR 2300133 --- [y-event-loop-15] m.o.s.c.t.u.UascClientAcknowledgeHandler : [remote=/ip:port] Received error message: ErrorMessage{error=StatusCode{name=Bad_SecurityChecksFailed, value=0x80130000, quality=bad}, reason=[BadSecurityChecksFailed]}
2024-03-15 16:05:26.613 ERROR 2300133 --- [ty-event-loop-0] m.o.s.c.t.u.UascClientAcknowledgeHandler : [remote=/ip:port] Received error message: ErrorMessage{error=StatusCode{name=Bad_SecurityChecksFailed, value=0x80130000, quality=bad}, reason=[BadSecurityChecksFailed]}
2024-03-15 16:05:42.647 ERROR 2300133 --- [ty-event-loop-1] m.o.s.c.t.u.UascClientAcknowledgeHandler : [remote=/ip:port] Received error message: ErrorMessage{error=StatusCode{name=Bad_SecurityChecksFailed, value=0x80130000, quality=bad}, reason=[BadSecurityChecksFailed]}
2024-03-15 16:05:58.661 ERROR 2300133 --- [ty-event-loop-2] m.o.s.c.t.u.UascClientAcknowledgeHandler : [remote=/ip:port] Received error message: ErrorMessage{error=StatusCode{name=Bad_SecurityChecksFailed, value=0x80130000, quality=bad}, reason=[BadSecurityChecksFailed]}
2024-03-15 16:06:14.676 ERROR 2300133 --- [ty-event-loop-3] m.o.s.c.t.u.UascClientAcknowledgeHandler : [remote=/ip:port] Received error message: ErrorMessage{error=StatusCode{name=Bad_SecurityChecksFailed, value=0x80130000, quality=bad}, reason=[BadSecurityChecksFailed]}
2024-03-15 16:06:30.689 ERROR 2300133 --- [ty-event-loop-4] m.o.s.c.t.u.UascClientAcknowledgeHandler : [remote=/ip:port] Received error message: ErrorMessage{error=StatusCode{name=Bad_SecurityChecksFailed, value=0x80130000, quality=bad}, reason=[BadSecurityChecksFailed]}
2024-03-15 16:06:46.703 ERROR 2300133 --- [ty-event-loop-5] m.o.s.c.t.u.UascClientAcknowledgeHandler : [remote=/ip:port] Received error message: ErrorMessage{error=StatusCode{name=Bad_SecurityChecksFailed, value=0x80130000, quality=bad}, reason=[BadSecurityChecksFailed]}```
For reference my code is this
private static CompletableFuture createClient(String host, Integer port, String username, String password, String certPath, String keyPath, String applicationUri, String securityPolicy) { // create URL String url = String.format("opc.tcp://%s:%s", host, port);
return DiscoveryClient.getEndpoints(url).thenCompose(endpoints -> {
try {
// fetch EndpointDescription
EndpointDescription endpointDescription = findBest(endpoints);
MessageSecurityMode messageSecurityMode = endpointDescription.getSecurityMode();
// set security policy
String securityPolicyUri = endpointDescription.getSecurityPolicyUri();
UserTokenPolicy[] userTokenPolicies = endpointDescription.getUserIdentityTokens();
if (securityPolicy != null) {
securityPolicyUri = "http://opcfoundation.org/UA/SecurityPolicy#" + securityPolicy;
for (int i = 0; i < userTokenPolicies.length; i++) {
UserTokenPolicy userTokenPolicy = userTokenPolicies[i];
userTokenPolicies[i] = new UserTokenPolicy(userTokenPolicy.getPolicyId(),
userTokenPolicy.getTokenType(), userTokenPolicy.getIssuedTokenType(),
userTokenPolicy.getIssuerEndpointUrl(), securityPolicyUri);
}
}
// recreate EndpointDescription as returned EndpointDescription from server might not match the specifications
EndpointDescription endpointDescriptionModified = new EndpointDescription(url,
endpointDescription.getServer(), endpointDescription.getServerCertificate(),
MessageSecurityMode.SignAndEncrypt, securityPolicyUri, userTokenPolicies,
endpointDescription.getTransportProfileUri(), endpointDescription.getSecurityLevel());
// create OpcUaClientConfigBuilder
OpcUaClientConfigBuilder cfg = new OpcUaClientConfigBuilder();
// set end point
cfg.setEndpoint(endpointDescriptionModified);
// set user name and password
if (username != null & (certPath == null || keyPath == null)) {
cfg.setIdentityProvider(new UsernameProvider(username, password));
}
// set certificates
if (certPath != null && keyPath != null) {
X509IdentityProvider x509IdentityProvider = new X509IdentityProvider(certPath, keyPath);
X509Certificate cert = x509IdentityProvider.getCertificate();
KeyPair keyPair = new KeyPair(cert.getPublicKey(), x509IdentityProvider.getPrivateKey());
if (username != null) {
cfg.setCertificate(cert).setKeyPair(keyPair).setIdentityProvider(x509IdentityProvider)
.setIdentityProvider(new UsernameProvider(username, password));
} else {
cfg.setCertificate(cert).setKeyPair(keyPair).setIdentityProvider(x509IdentityProvider);
}
}
// set ApplicationUri
if (applicationUri != null) {
cfg.setApplicationUri(applicationUri);
}
return CompletableFuture.completedFuture(OpcUaClient.create(cfg.build()));
} catch (final UaException e) {
CompletableFuture<OpcUaClient> failedFuture = new CompletableFuture<>();
failedFuture.completeExceptionally(e);
return failedFuture;
}
});
}
I am expecting if there is some property or something so that I can limit the retry of the connection the server. if OpcUaClientConfigBuilder has some properties. I explored the possible methods of that builder but unable to tackle that error.
The client will automatically attempt to reconnect until you call disconnect()
.
It backs off its attempts exponentially until it's attempting every ~16 seconds. This is not configurable.
After some time the number of connections are that huge that the data is not coming for the client that is successfully connected due to the traffic in the server.
I have no idea what you're trying to say here. If you're implying that these reasonably spaced repeat connection attempts somehow crash or cause a denial-of-service in that the server, then you need to contact the vendor of that server for support, because it's broken.