Connect to OPCUA server with username and password

Question

I am using UAExpert application and i am connecting to my machine with these settings:

I want to connect to my device with python. I have this code but it doesn't work.

from opcua import Client

client = Client("opc.tcp://<ip>:4840")
client.set_user("username")
client.set_password("password")
client.set_security_string("Basic256Sha256,Sign,cert.der,key.pem")
client.connect()

I am getting this error:

raise ua.UaError("No matching endpoints: {0}, {1}".format(security_mode, policy_uri)) opcua.ua.uaerrors._base.UaError: No matching endpoints: 2, http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256

UPDATE:

I think it's the issue of the certificate. So i found from UAExpert settings where it gets the certificate from. I use the same path for cert.der but i don't know where i can find the key.pem

Can I confirm those details work in UAExpert and give you the OPCUA endpoints you expect? Also have you tried with out the security settings? I've had previous issues with OPCUA and the security settings not working as expected. Ended up having to switch them off for it to work. Essentially OPCUA can be a pain to work with at times. — SgtSafety, Jan 09 '23 at 11:44
@SgtSafety Yes those details work perfectly in UAExpert. I tried to remove security but i got an error saying that server does not support configured security policy. So the only way to connect is like the screenshot i uploaded in my post. — Alex, Jan 09 '23 at 11:49
Is the OPCUA server running on a PC that runs an OS like windows? Might want to try opening up different ports and change the OPCUA server ports to run that and try. For example beckhoff PLC runs windows which then runs the OPCUA server and I've had to switch off port/firewall rules to allow it to work, event though it worked with UAExpert. Sorry my help isnt specific, just examples of my work. — SgtSafety, Jan 09 '23 at 11:56
Actually the server is a UPS machine from Siemens. UPS1600 is the name. No worries about the help :) thank you for trying — Alex, Jan 09 '23 at 12:31
The Message Security Mode in your screenshot is sign&Enrypt in your code it is only Sign. Maybe this is the problem? Can you check which endpoints the server provides? — SFriedl, Jan 09 '23 at 12:35
That was a good catch. I changed it to `client.set_security_string("Basic256Sha256,SignAndEncrypt,cert.der,key.pem")` and now i am getting error ` "No such file or directory: 'cert.der' ` — Alex, Jan 09 '23 at 12:38
See https://stackoverflow.com/questions/73907772/connect-with-opcua-server-with-basic256sha256-in-python/ — Schroeder, Jan 09 '23 at 13:51

score 2 · Accepted Answer · answered Jan 11 '23 at 10:55

Ok so i made it work. This is my current code:

import asyncio
import opcua


async def main():
    client = opcua.Client("opc.tcp://<ip>:4840", timeout=60)
    client.application_uri = "urn:<ip>:UPS1600"  # Should match in your certificate
    client.set_user("username")
    client.set_password("password")
    client.set_security_string("Basic256Sha256,SignAndEncrypt,<path_to_certificate.pem>,<path_to_key.pem")
    client.connect()
    struct = client.get_node("ns=3;i=100191")
    value= struct.get_value()
    print(value)


if __name__ == '__main__':
    asyncio.run(main())

Where certificate.pem and key.pem i have created them from here

Connect to OPCUA server with username and password

1 Answers1