Node-OPCUA 连接到未知的服务器 securityMode/securityPolicy
Node-OPCUA Connect to Server with unknown securityMode/securityPolicy
我正在尝试连接到具有未知 securityMode 和 securityPolicy 的 opcua 服务器。可能是我的基本理解有问题,但是根据OPCUA规范,我可以通过本地DiscoveryServer获取EndpointDescription,然后打开一个SecureChannel(session)。
目前我在未指定安全设置的情况下连接到服务器,读出端点,然后 select 适当的安全设置并重新连接。
const getEndpoints = function (endpointUrl) {
return new Promise(function (resolve, reject) {
let client = new opcua.OPCUAClient();
client.connect(endpointUrl, function (err) {
if(err) reject(new Error(err));
client.getEndpointsRequest(function (err,endpoints) {
let reducedEndpoints = endpoints.map(endpoint =>
({
endpointUrl: endpoint.endpointUrl,
securityMode: endpoint.securityMode,
securityPolicy: endpoint.securityPolicyUri,
})
);
resolve(endpoints);
// resolve(reducedEndpoints);
client.disconnect();
})
})
})
}
const connect = function (endpointUrl, options) {
return new Promise(function (resolve, reject) {
const defaultOptions = {
connectionStrategy: {
maxRetry: 6,
},
keepSessionAlive: true,
endpoint_must_exist: false,
securityMode: options.MessageSecurityMode.NONE,
securityPolicy: SecurityPolicy.None,
};
let client = new opcua.OPCUAClient(Object.assign({}, defaultOptions, options));
client.connect(endpointUrl, function (err) {
if(err) {
reject(new Error(err));
}
resolve(client)
});
});
};
感觉不对。如果有人能帮我举个例子就好了。
此致
- 客户端通常会查询 OPCUA 服务器的端点,以便
找出它将用于的最佳安全和加密模式是什么
连接到服务器。
- getEndpoints 是不需要客户端在服务器上打开会话的服务之一。
// with node-opcua@0.4.1
const opcua = require("node-opcua");
async function getEndpoints(endpointUrl) {
let client = new opcua.OPCUAClient();
await client.connect(endpointUrl);
const endpoints = await client.getEndpoints();
const reducedEndpoints = endpoints.map(endpoint => ({
endpointUrl: endpoint.endpointUrl,
securityMode: endpoint.securityMode.toString(),
securityPolicy: endpoint.securityPolicyUri.toString(),
}));
await client.disconnect();
return reducedEndpoints;
}
async function main() {
const endpoints = await getEndpoints("opc.tcp://opcuademo.sterfive.com:26543");
console.log(endpoints);
}
main().then();
此代码将输出:
[ { endpointUrl: 'opc.tcp://opcuademo.sterfive.com:26543',
securityMode: 'NONE',
securityPolicy: 'http://opcfoundation.org/UA/SecurityPolicy#None' },
{ endpointUrl: 'opc.tcp://opcuademo.sterfive.com:26543',
securityMode: 'SIGN',
securityPolicy: 'http://opcfoundation.org/UA/SecurityPolicy#Basic128Rsa15' },
{ endpointUrl: 'opc.tcp://opcuademo.sterfive.com:26543',
securityMode: 'SIGN',
securityPolicy: 'http://opcfoundation.org/UA/SecurityPolicy#Basic256' },
{ endpointUrl: 'opc.tcp://opcuademo.sterfive.com:26543',
securityMode: 'SIGN',
securityPolicy: 'http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256' },
{ endpointUrl: 'opc.tcp://opcuademo.sterfive.com:26543',
securityMode: 'SIGNANDENCRYPT',
securityPolicy: 'http://opcfoundation.org/UA/SecurityPolicy#Basic128Rsa15' },
{ endpointUrl: 'opc.tcp://opcuademo.sterfive.com:26543',
securityMode: 'SIGNANDENCRYPT',
securityPolicy: 'http://opcfoundation.org/UA/SecurityPolicy#Basic256' },
{ endpointUrl: 'opc.tcp://opcuademo.sterfive.com:26543',
securityMode: 'SIGNANDENCRYPT',
securityPolicy: 'http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256' } ]
也就是说,node-opcua 客户端将在连接期间自动查询服务器端点
并验证用户请求的 securityMode 和 securityPolicy 是否可用。
// with node-opcua@0.4.1
const opcua = require("node-opcua");
async function verifyEndpointAndConnect(endpointUrl) {
let client = new opcua.OPCUAClient();
await client.connect(endpointUrl);
// note that client has already requested the server endpoints
// during the connection. We can now simply query the Application
// description matching our security settings
const applicationDescription = client.findEndpointForSecurity(
opcua.MessageSecurityMode.SIGN,
opcua.SecurityPolicy.Basic256Sha256
);
await client.disconnect();
if (applicationDescription) {
console.log("Yes! the server support this endpoints:");
console.log(applicationDescription.toString());
}else {
console.log("Sorry! this server do not support the requested security mode");
return;
}
// let recreate our client with the requested security mode
client = new opcua.OPCUAClient({
securityMode: opcua.MessageSecurityMode.SIGN,
securityPolicy: opcua.SecurityPolicy.Basic256Sha256,
});
await client.connect(endpointUrl);
// [...] do something with this connected client.
await client.disconnect();
}
async function main() {
await verifyEndpointAndConnect("opc.tcp://opcuademo.sterfive.com:26543");
console.log("done");
}
main();
艾蒂安,谢谢你的回答。示例代码就像一个魅力。这是答案:
Yes! the server support this endpoints:
{ /*EndpointDescription*/
endpointUrl /* String */: opc.tcp://opcuademo.sterfive.com:26543
server /* ApplicationDescription */: {
applicationUri /* String */: urn:opcuademo.sterfive.com:NodeOPCUA-Server
productUri /* String */: NodeOPCUA-Server
applicationName /* LocalizedText */: locale=null text=NodeOPCUA
applicationType /* ApplicationType */: SERVER ( 0)
gatewayServerUri /* String */: null
discoveryProfileUri /* String */: null
discoveryUrls /* String [] */: [ /* empty*/ ]
}
serverCertificate /* ByteString */
BUFFER{00000000: 30 82 04 11 30 82 02 f9 a0 03 02 01 02 02 02 10 1a 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 0...0..y.........0...*.H.w......
00000020: 30 28 31 12 30 10 06 03 55 04 0a 13 09 4e 6f 64 65 4f 50 43 55 41 31 12 30 10 06 03 55 04 03 13 0(1.0...U....NodeOPCUA1.0...U...
00000040: 09 4e 6f 64 65 4f 50 43 55 41 30 22 18 0f 32 30 31 38 30 32 31 30 32 30 33 38 31 33 5a 18 0f 32 .NodeOPCUA0"..20180210203813Z..2
00000060: 30 31 39 30 32 31 30 32 30 33 38 31 33 5a 30 28 31 12 30 10 06 03 55 04 0a 13 09 4e 6f 64 65 4f 0190210203813Z0(1.0...U....NodeO
00000080: 50 43 55 41 31 12 30 10 06 03 55 04 03 13 09 4e 6f 64 65 4f 50 43 55 41 30 82 01 22 30 0d 06 09 PCUA1.0...U....NodeOPCUA0.."0...
000000a0: 2a 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 ae 38 4e 06 c8 d2 13 *.H.w...........0.........8N.HR.
000000c0: b6 d1 6d 42 e7 1c 17 4f 68 9b da 5e 6d 79 82 d0 ea 6b 81 0c 05 bc 1d 23 ab ec 81 7c 1d 52 94 f2 6QmBg..Oh.Z^my.Pjk...<.#+l.|.R.r
000000e0: 5c fa 23 7a fc d2 5e f7 a3 85 94 29 97 07 85 01 cf 94 40 31 bd 56 d8 c0 4d ec 38 a9 c6 aa 40 20 \z#z|R^w#..)....O.@1=VX@Ml8)F*@.
00000100: 28 5e 4b b3 f0 53 a1 0d b9 d1 7d fa 3b 98 8e 04 44 8a 20 4a 23 c6 9b 31 8e 9d 98 2b 65 da a0 34 (^K3pS!.9Q}z;...D..J#F.1...+eZ.4
00000120: 64 f6 c6 6b 58 48 9c 3f 29 40 f9 ed 7f 08 dc 01 13 31 dc f1 6e f7 33 9d 79 6b 9b a0 42 80 16 16 dvFkXH.?)@ym..\..1\qnw3.yk..B...
00000140: d8 5a 33 78 99 5a b8 f2 60 40 b4 31 d3 f2 b6 f4 2c 5e d4 0f ef 97 f0 6e 76 7d 9e 9f 6f 15 35 07 XZ3x.Z8r`@41Sr6t,^T.o.pnv}..o.5.
00000160: a0 35 e8 81 58 94 f2 32 99 af fa 24 37 43 af fc f7 93 20 d5 2d 13 32 05 44 b1 ff 23 78 bb 84 42 .5h.X.r2./zC/|w..U-.2.D1.#x;.B
00000180: 33 8d ff c7 76 0b f3 42 20 7f 1f 5c 64 0a 45 b4 e6 26 53 9b b9 8a ab 7e cb 60 76 80 70 32 77 c1 3..Gv.sB...\d.E4f&S.9.+~K`v.p2wA
000001a0: f0 50 58 74 7a 51 e2 9f 34 8a 6c 6d b7 28 81 13 63 3a ec 02 5e 0b 1c 9f d9 02 03 01 00 01 a3 82 pPXtzQb.4.lm7(..c:l.^...Y.....#.
000001c0: 01 3f 30 82 01 3b 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 1d 06 03 55 1d 0e 04 16 04 14 f6 .?0..;0...U.......0.0...U......v
000001e0: 48 db df 7d da 78 08 c3 b6 b4 72 31 68 1b 1e 0b 13 a6 0f 30 51 06 03 55 1d 23 04 4a 30 48 80 14 H[_}Zx.C64r1h....&.0Q..U.#.J0H..
00000200: f6 48 db df 7d da 78 08 c3 b6 b4 72 31 68 1b 1e 0b 13 a6 0f a1 2c a4 2a 30 28 31 12 30 10 06 03 vH[_}Zx.C64r1h....&.!,$*0(1.0...
00000220: 55 04 0a 13 09 4e 6f 64 65 4f 50 43 55 41 31 12 30 10 06 03 55 04 03 13 09 4e 6f 64 65 4f 50 43 U....NodeOPCUA1.0...U....NodeOPC
00000240: 55 41 82 02 10 1a 30 59 06 03 55 1d 11 04 52 30 50 86 2b 75 72 6e 3a 6f 70 63 75 61 64 65 6d 6f UA....0Y..U...R0P.+urn:opcuademo
00000260: 2e 73 74 65 72 66 69 76 65 2e 63 6f 6d 3a 4e 6f 64 65 4f 50 43 55 41 2d 53 65 72 76 65 72 82 09 .sterfive.com:NodeOPCUA-Server..
00000280: 6c 6f 63 61 6c 68 6f 73 74 82 16 6f 70 63 75 61 64 65 6d 6f 2e 73 74 65 72 66 69 76 65 2e 63 6f localhost..opcuademo.sterfive.co
000002a0: 6d 30 2c 06 09 60 86 48 01 86 f8 42 01 0d 04 1f 16 1d 4f 70 65 6e 53 53 4c 20 47 65 6e 65 72 61 m0,..`.H..xB......OpenSSL.Genera
000002c0: 74 65 64 20 43 65 72 74 69 66 69 63 61 74 65 30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 02 fc 30 ted.Certificate0...U..........|0
000002e0: 20 06 03 55 1d 25 01 01 ff 04 16 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 2b 06 01 05 05 07 03 ...U.%.....0...+.........+......
00000300: 02 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 82 01 01 00 28 bd 1c bd 5f f3 eb a1 82 6b ea .0...*.H.w...........(=.=_sk!.kj
00000320: 6c 06 d9 7d fe 0d 0d 3a 4b 58 8d a4 e5 e1 7a fb f7 21 e6 89 5b 39 cd b7 56 21 21 3f 56 cd 2d 33 l.Y}~..:KX.$eaz{w!f.[9M7V!!?VM-3
00000340: 85 98 c8 ce d1 b1 51 58 8a 3c cc 65 f4 e3 5f e7 c2 90 4e d4 3d ce 11 03 3c d8 ea 10 ab 42 ce 9f ..HNQ1QX.<Letc_gB.NT=N..<Xj.+BN.
00000360: 40 0b d0 e0 fc 35 a7 bf 4f e1 6d 30 40 a6 80 b6 91 ee b4 b0 23 b5 dd 12 c9 20 ba 49 fe 8d 01 86 @.P`|5'?Oam0@&.6.n40#5].I.:I~...
00000380: ff 25 30 09 df 11 67 7c a3 b7 3b 40 c0 ba 47 3e c8 b1 a4 43 6f 3a 13 df 07 98 e0 bc f2 d2 47 d9 .%0._.g|#7;@@:G>H1$Co:._..`<rRGY
000003a0: 5e 61 d6 d1 57 7c 70 50 c9 26 6b d1 99 04 be 89 28 81 c2 c0 ef 96 4f 6c 3b 6d f3 83 d8 55 f4 b6 ^aVQW|pPI&kQ..>.(.B@o.Ol;ms.XUt6
000003c0: 1f 0d bb bb ab 23 e0 95 28 37 44 59 11 e4 da d0 d9 7f a8 10 db a7 47 6f 23 1f 13 0a b3 47 57 9a ..;;+#`.(7DY.dZPY.(.['Go#...3GW.
000003e0: ff 55 fa 62 c3 31 3c 63 46 f2 40 65 6d af e5 23 30 a9 59 ef 67 22 50 33 11 13 9b f7 68 18 12 52 .UzbC1<cFr@em/e#0)Yog"P3...wh..R
.... ( 1045)}
securityMode /* MessageSecurityMode */: SIGN ( 2)
securityPolicyUri /* String */: http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256
userIdentityTokens /* UserTokenPolicy [] */: [
{ /*0*/
policyId /* String */: usernamePassword
tokenType /* EnumUserIdentityTokenType */: USERNAME ( 1)
issuedTokenType /* String */: null
issuerEndpointUrl /* String */: null
securityPolicyUri /* String */: null
},
{ /*1*/
policyId /* String */: anonymous
tokenType /* EnumUserIdentityTokenType */: ANONYMOUS ( 0)
issuedTokenType /* String */: null
issuerEndpointUrl /* String */: null
securityPolicyUri /* String */: null
}
]
transportProfileUri /* String */: http://opcfoundation.org/UA-Profile/Transport/uatcp-uasc-uabinary
securityLevel /* Byte */: 3
};
done
但是如果我尝试在 OPCUA 模拟服务器 (https://www.prosysopc.com/products/opc-ua-simulation-server/) 上使用它,我会收到以下错误:
Yes! the server support this endpoints:
{ /*EndpointDescription*/
endpointUrl /* String */: opc.tcp://Ingos-MBP.fritz.box:53530
server /* ApplicationDescription */: {
applicationUri /* String */: urn:Ingos-MBP.fritz.box:OPCUA:SimulationServer
productUri /* String */: urn:prosysopc.com:OPCUA:SimulationServer
applicationName /* LocalizedText */: locale= text=SimulationServer
applicationType /* ApplicationType */: SERVER ( 0)
gatewayServerUri /* String */: null
discoveryProfileUri /* String */: null
discoveryUrls /* String [] */: [ opc.tcp://Ingos-MBP.fritz.box:53530] (l=1)
}
serverCertificate /* ByteString */
BUFFER{00000000: 30 82 04 05 30 82 02 ed a0 03 02 01 02 02 06 01 62 d3 9c 26 d8 30 0d 06 09 2a 86 48 86 f7 0d 01 0...0..m........bS.&X0...*.H.w..
00000020: 01 0b 05 00 30 59 31 19 30 17 06 03 55 04 03 0c 10 53 69 6d 75 6c 61 74 69 6f 6e 53 65 72 76 65 ....0Y1.0...U....SimulationServe
00000040: 72 31 13 30 11 06 03 55 04 0a 0c 0a 50 72 6f 73 79 73 20 4f 50 43 31 27 30 25 06 0a 09 92 26 89 r1.0...U....Prosys.OPC1'0%....&.
00000060: 93 f2 2c 64 01 19 16 17 49 6e 67 6f 73 2d 4d 61 63 42 6f 6f 6b 2d 50 72 6f 2e 6c 6f 63 61 6c 30 .r,d....Ingos-MacBook-Pro.local0
00000080: 1e 17 0d 31 38 30 34 31 37 31 31 33 37 32 38 5a 17 0d 32 38 30 34 31 34 31 32 33 37 32 38 5a 30 ...180417113728Z..280414123728Z0
000000a0: 59 31 19 30 17 06 03 55 04 03 0c 10 53 69 6d 75 6c 61 74 69 6f 6e 53 65 72 76 65 72 31 13 30 11 Y1.0...U....SimulationServer1.0.
000000c0: 06 03 55 04 0a 0c 0a 50 72 6f 73 79 73 20 4f 50 43 31 27 30 25 06 0a 09 92 26 89 93 f2 2c 64 01 ..U....Prosys.OPC1'0%....&..r,d.
000000e0: 19 16 17 49 6e 67 6f 73 2d 4d 61 63 42 6f 6f 6b 2d 50 72 6f 2e 6c 6f 63 61 6c 30 82 01 22 30 0d ...Ingos-MacBook-Pro.local0.."0.
00000100: 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 a2 69 8f bb b8 ..*.H.w...........0........"i.;8
00000120: 8c 12 6b c8 41 bc 58 75 34 6e 58 e2 fb 0a 25 8e af 4b 27 ec c7 97 7d 41 e6 7c 48 dc 92 0e dd ec ..kHA<Xu4nXb{.%./K'lG.}Af|H\..]l
00000140: bf 88 fc a4 80 e1 47 a2 3d 85 be 83 85 7a 18 37 55 55 3f 8a 55 a4 e6 51 94 43 5e 67 bb 08 e2 ab ?.|$.aG"=.>..z.7UU?.U$fQ.C^g;.b+
00000160: 0a 93 c3 d7 8f a2 c4 53 83 3c 3a bd 49 62 a3 89 5d 76 71 a0 ef 29 0a 20 43 78 a5 00 29 7a 5d 57 ..CW."DS.<:=Ib#.]vq.o)..Cx%.)z]W
00000180: 40 e5 e8 e7 37 ce 7a 9f d9 d1 8a 49 5f 42 24 7d 27 1f 99 fc e9 60 11 d5 b2 2d 99 32 bf a7 f9 ca @ehg7Nz.YQ.I_B$}'..|i`.U2-.2?'yJ
000001a0: bf f1 ad 9b b9 bf c1 90 b4 fe 72 3e 93 a9 93 1e 7f 48 9c 38 3a 76 fd 34 d2 35 b9 39 86 15 f4 1f ?q-.9?A.4~r>.)...H.8:v}4R599..t.
000001c0: 32 cf 5e e4 86 e3 f9 04 b7 68 0b d5 54 e8 cb ca 0e 01 df 45 df bb 9c 6b 31 35 62 c5 cf f0 65 a7 2O^d.cy.7h.UThKJ.._E_;.k15bEOpe'
000001e0: a5 c8 48 0a 4a 8d a1 e1 1c e1 fb 9c 2a 5e 37 26 2f 1d 2c 87 c7 25 3a fc 44 03 bb 30 94 a1 aa fb %HH.J.!a.a{.*^7&/.,.G%:|D.;0.!*{
00000200: 64 7c 0f 64 db 4e 6d b0 84 35 d7 83 09 7a 9d f3 eb a1 cd 84 7a 70 97 84 f1 38 3d 02 03 01 00 01 d|.d[Nm0.5W..z.sk!M.zp..q8=.....
00000220: a3 81 d2 30 81 cf 30 1f 06 03 55 1d 23 04 18 30 16 80 14 a9 84 09 5c 21 73 e4 fc 4e 0c 55 9d 12 #.R0.O0...U.#..0...)..\!sd|N.U..
00000240: b2 f8 5c 89 96 a6 ed 30 1d 06 03 55 1d 0e 04 16 04 14 a9 84 09 5c 21 73 e4 fc 4e 0c 55 9d 12 b2 2x\..&m0...U......)..\!sd|N.U..2
00000260: f8 5c 89 96 a6 ed 30 09 06 03 55 1d 13 04 02 30 00 30 0b 06 03 55 1d 0f 04 04 03 02 02 f4 30 1d x\..&m0...U....0.0...U.......t0.
00000280: 06 03 55 1d 25 04 16 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 2b 06 01 05 05 07 03 02 30 56 06 ..U.%..0...+.........+.......0V.
000002a0: 03 55 1d 11 04 4f 30 4d 86 32 75 72 6e 3a 49 6e 67 6f 73 2d 4d 61 63 42 6f 6f 6b 2d 50 72 6f 2e .U...O0M.2urn:Ingos-MacBook-Pro.
000002c0: 6c 6f 63 61 6c 3a 4f 50 43 55 41 3a 53 69 6d 75 6c 61 74 69 6f 6e 53 65 72 76 65 72 82 17 49 6e local:OPCUA:SimulationServer..In
000002e0: 67 6f 73 2d 4d 61 63 42 6f 6f 6b 2d 50 72 6f 2e 6c 6f 63 61 6c 30 0d 06 09 2a 86 48 86 f7 0d 01 gos-MacBook-Pro.local0...*.H.w..
00000300: 01 0b 05 00 03 82 01 01 00 53 fa ea dd ed 2e f2 ec 25 14 f8 9c 0f 1b 3f 93 90 3f b9 de 48 b1 9d .........Szj]m.rl%.x...?..?9^H1.
00000320: 7d 32 d7 6b 6b df f1 56 b1 06 e7 69 4e c0 c9 c9 81 fd 3d af fc c5 db 6a 2d d2 d0 d1 77 7e 46 da }2Wkk_qV1.giN@II.}=/|E[j-RPQw~FZ
00000340: 09 ad ed 1b 50 ea 1b 7f 2a da f5 4d 02 25 ec 30 18 d7 2c 82 f2 a0 b7 fc c4 01 53 51 20 c3 20 b4 .-m.Pj..*ZuM.%l0.W,.r.7|D.SQ.C.4
00000360: 40 97 39 54 c6 0b 3e 92 ba a5 eb 15 66 43 b4 6f fe f5 57 3a fe e1 79 fa 73 5f 0b ee 3d e2 b1 f6 @.9TF.>.:%k.fC4o~uW:~ayzs_.n=b1v
00000380: 41 b1 74 d6 93 dc b9 70 7a 17 aa e4 a9 2b a6 6c dd bc a8 23 e2 22 14 ef 4e 6e ab f9 19 86 40 fb A1tV.pz.*d)+&l]<(#b".oNn+y..@{
000003a0: e7 d3 be 09 18 47 51 bf 00 b7 35 99 d0 fb 1c 7f a7 0d 65 38 7e 84 9c f5 bc c2 af 29 d0 dc f6 8a gS>..GQ?.75.P{..'.e8~..u<B/)P\v.
000003c0: 79 2d 3e 67 c4 92 ea 9f 67 29 17 3b 1a 9a 5c 26 53 62 bd 47 c5 ce 51 fb 9c b9 81 7c 56 31 87 aa y->gD.j.g).;..\&Sb=GENQ{.9.|V1.*
000003e0: 02 fd 47 32 5c bd 24 5b 47 e3 d3 63 9a 22 72 89 6c 47 64 8a ba 0b 78 b5 60 60 30 5e d0 9f c6 44 .}G2\=$[GcSc."r.lGd.:.x5``0^P.FD
.... ( 1033)}
securityMode /* MessageSecurityMode */: SIGN ( 2)
securityPolicyUri /* String */: http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256
userIdentityTokens /* UserTokenPolicy [] */: [
{ /*0*/
policyId /* String */: anonymous
tokenType /* EnumUserIdentityTokenType */: ANONYMOUS ( 0)
issuedTokenType /* String */: null
issuerEndpointUrl /* String */: null
securityPolicyUri /* String */: null
}
]
transportProfileUri /* String */: http://opcfoundation.org/UA-Profile/Transport/uatcp-uasc-uabinary
securityLevel /* Byte */: 1
};
ERROR RECEIVED FROM SENDER BadSecurityChecksFailed (0x80130000) Bad_SecurityChecksFailed (code=0x80130000, description="An error occurred verifying security.")
00000000: 45 52 52 46 6f 00 00 00 00 00 13 80 5f 00 00 00 42 61 64 5f 53 65 63 75 72 69 74 79 43 68 65 63 ERRFo......._...Bad_SecurityChec
00000020: 6b 73 46 61 69 6c 65 64 20 28 63 6f 64 65 3d 30 78 38 30 31 33 30 30 30 30 2c 20 64 65 73 63 72 ksFailed.(code=0x80130000,.descr
00000040: 69 70 74 69 6f 6e 3d 22 41 6e 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 20 76 65 72 69 66 79 iption="An.error.occurred.verify
00000060: 69 6e 67 20 73 65 63 75 72 69 74 79 2e 22 29 ing.security.")
message was
undefined
message was 2: { /*OpenSecureChannelRequest*/
requestHeader /* RequestHeader */: {
authenticationToken /* NodeId */: ns=0;i=0
timeStamp /* UtcTime */: 2018-06-03T20:17:27.545Z
requestHandle /* IntegerId */: 1 0x1
returnDiagnostics /* UInt32 */: 0 0x0
auditEntryId /* UAString */: null
timeoutHint /* UInt32 */: 0 0x0
additionalHeader /* ExtensionObject */: null
}
clientProtocolVersion /* UInt32 */: 0 0x0
requestType /* SecurityTokenRequestType */: ISSUE ( 0)
securityMode /* MessageSecurityMode */: SIGN ( 2)
clientNonce /* ByteString */
BUFFER{00000000: 7b 08 31 37 c9 48 ef a9 1a a5 47 67 7b e2 e7 18 42 24 27 ca 04 a4 ad aa 0f 01 4d 27 18 c1 36 09 {.17IHo).%Gg{bg.B$'J.$-*..M'.A6.
}
requestedLifetime /* UInt32 */: 600000 0x927c0
};
ERROR RECEIVED FROM SENDER BadSecurityChecksFailed (0x80130000) Bad_SecurityChecksFailed (code=0x80130000, description="An error occurred verifying security.")
00000000: 45 52 52 46 6f 00 00 00 00 00 13 80 5f 00 00 00 42 61 64 5f 53 65 63 75 72 69 74 79 43 68 65 63 ERRFo......._...Bad_SecurityChec
00000020: 6b 73 46 61 69 6c 65 64 20 28 63 6f 64 65 3d 30 78 38 30 31 33 30 30 30 30 2c 20 64 65 73 63 72 ksFailed.(code=0x80130000,.descr
00000040: 69 70 74 69 6f 6e 3d 22 41 6e 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 20 76 65 72 69 66 79 iption="An.error.occurred.verify
00000060: 69 6e 67 20 73 65 63 75 72 69 74 79 2e 22 29 ing.security.")
message was
undefined
message was 2: { /*OpenSecureChannelRequest*/
requestHeader /* RequestHeader */: {
authenticationToken /* NodeId */: ns=0;i=0
timeStamp /* UtcTime */: 2018-06-03T20:17:27.545Z
requestHandle /* IntegerId */: 1 0x1
returnDiagnostics /* UInt32 */: 0 0x0
auditEntryId /* UAString */: null
timeoutHint /* UInt32 */: 0 0x0
additionalHeader /* ExtensionObject */: null
}
clientProtocolVersion /* UInt32 */: 0 0x0
requestType /* SecurityTokenRequestType */: ISSUE ( 0)
securityMode /* MessageSecurityMode */: SIGN ( 2)
clientNonce /* ByteString */
BUFFER{00000000: 7b 08 31 37 c9 48 ef a9 1a a5 47 67 7b e2 e7 18 42 24 27 ca 04 a4 ad aa 0f 01 4d 27 18 c1 36 09 {.17IHo).%Gg{bg.B$'J.$-*..M'.A6.
}
requestedLifetime /* UInt32 */: 600000 0x927c0
};
(node:1235) UnhandledPromiseRejectionWarning: Error: _socket has been disconnected by third party
at ClientTCP_transport.TCP_transport._on_socket_ended_message (/Users/ingokaiser/Downloads/0/node_modules/node-opcua-transport/src/tcp_transport.js:267:18)
at Socket.<anonymous> (/Users/ingokaiser/Downloads/0/node_modules/node-opcua-transport/src/tcp_transport.js:333:14)
at emitNone (events.js:111:20)
at Socket.emit (events.js:208:7)
at endReadableNT (_stream_readable.js:1064:12)
at _combinedTickCallback (internal/process/next_tick.js:138:11)
at process._tickCallback (internal/process/next_tick.js:180:9)
(node:1235) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). (rejection id:1)
(node:1235) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.
这是服务器配置:
我在这里错过了什么?
我正在尝试连接到具有未知 securityMode 和 securityPolicy 的 opcua 服务器。可能是我的基本理解有问题,但是根据OPCUA规范,我可以通过本地DiscoveryServer获取EndpointDescription,然后打开一个SecureChannel(session)。
目前我在未指定安全设置的情况下连接到服务器,读出端点,然后 select 适当的安全设置并重新连接。
const getEndpoints = function (endpointUrl) {
return new Promise(function (resolve, reject) {
let client = new opcua.OPCUAClient();
client.connect(endpointUrl, function (err) {
if(err) reject(new Error(err));
client.getEndpointsRequest(function (err,endpoints) {
let reducedEndpoints = endpoints.map(endpoint =>
({
endpointUrl: endpoint.endpointUrl,
securityMode: endpoint.securityMode,
securityPolicy: endpoint.securityPolicyUri,
})
);
resolve(endpoints);
// resolve(reducedEndpoints);
client.disconnect();
})
})
})
}
const connect = function (endpointUrl, options) {
return new Promise(function (resolve, reject) {
const defaultOptions = {
connectionStrategy: {
maxRetry: 6,
},
keepSessionAlive: true,
endpoint_must_exist: false,
securityMode: options.MessageSecurityMode.NONE,
securityPolicy: SecurityPolicy.None,
};
let client = new opcua.OPCUAClient(Object.assign({}, defaultOptions, options));
client.connect(endpointUrl, function (err) {
if(err) {
reject(new Error(err));
}
resolve(client)
});
});
};
感觉不对。如果有人能帮我举个例子就好了。
此致
- 客户端通常会查询 OPCUA 服务器的端点,以便 找出它将用于的最佳安全和加密模式是什么 连接到服务器。
- getEndpoints 是不需要客户端在服务器上打开会话的服务之一。
// with node-opcua@0.4.1
const opcua = require("node-opcua");
async function getEndpoints(endpointUrl) {
let client = new opcua.OPCUAClient();
await client.connect(endpointUrl);
const endpoints = await client.getEndpoints();
const reducedEndpoints = endpoints.map(endpoint => ({
endpointUrl: endpoint.endpointUrl,
securityMode: endpoint.securityMode.toString(),
securityPolicy: endpoint.securityPolicyUri.toString(),
}));
await client.disconnect();
return reducedEndpoints;
}
async function main() {
const endpoints = await getEndpoints("opc.tcp://opcuademo.sterfive.com:26543");
console.log(endpoints);
}
main().then();
此代码将输出:
[ { endpointUrl: 'opc.tcp://opcuademo.sterfive.com:26543',
securityMode: 'NONE',
securityPolicy: 'http://opcfoundation.org/UA/SecurityPolicy#None' },
{ endpointUrl: 'opc.tcp://opcuademo.sterfive.com:26543',
securityMode: 'SIGN',
securityPolicy: 'http://opcfoundation.org/UA/SecurityPolicy#Basic128Rsa15' },
{ endpointUrl: 'opc.tcp://opcuademo.sterfive.com:26543',
securityMode: 'SIGN',
securityPolicy: 'http://opcfoundation.org/UA/SecurityPolicy#Basic256' },
{ endpointUrl: 'opc.tcp://opcuademo.sterfive.com:26543',
securityMode: 'SIGN',
securityPolicy: 'http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256' },
{ endpointUrl: 'opc.tcp://opcuademo.sterfive.com:26543',
securityMode: 'SIGNANDENCRYPT',
securityPolicy: 'http://opcfoundation.org/UA/SecurityPolicy#Basic128Rsa15' },
{ endpointUrl: 'opc.tcp://opcuademo.sterfive.com:26543',
securityMode: 'SIGNANDENCRYPT',
securityPolicy: 'http://opcfoundation.org/UA/SecurityPolicy#Basic256' },
{ endpointUrl: 'opc.tcp://opcuademo.sterfive.com:26543',
securityMode: 'SIGNANDENCRYPT',
securityPolicy: 'http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256' } ]
也就是说,node-opcua 客户端将在连接期间自动查询服务器端点 并验证用户请求的 securityMode 和 securityPolicy 是否可用。
// with node-opcua@0.4.1
const opcua = require("node-opcua");
async function verifyEndpointAndConnect(endpointUrl) {
let client = new opcua.OPCUAClient();
await client.connect(endpointUrl);
// note that client has already requested the server endpoints
// during the connection. We can now simply query the Application
// description matching our security settings
const applicationDescription = client.findEndpointForSecurity(
opcua.MessageSecurityMode.SIGN,
opcua.SecurityPolicy.Basic256Sha256
);
await client.disconnect();
if (applicationDescription) {
console.log("Yes! the server support this endpoints:");
console.log(applicationDescription.toString());
}else {
console.log("Sorry! this server do not support the requested security mode");
return;
}
// let recreate our client with the requested security mode
client = new opcua.OPCUAClient({
securityMode: opcua.MessageSecurityMode.SIGN,
securityPolicy: opcua.SecurityPolicy.Basic256Sha256,
});
await client.connect(endpointUrl);
// [...] do something with this connected client.
await client.disconnect();
}
async function main() {
await verifyEndpointAndConnect("opc.tcp://opcuademo.sterfive.com:26543");
console.log("done");
}
main();
艾蒂安,谢谢你的回答。示例代码就像一个魅力。这是答案:
Yes! the server support this endpoints:
{ /*EndpointDescription*/
endpointUrl /* String */: opc.tcp://opcuademo.sterfive.com:26543
server /* ApplicationDescription */: {
applicationUri /* String */: urn:opcuademo.sterfive.com:NodeOPCUA-Server
productUri /* String */: NodeOPCUA-Server
applicationName /* LocalizedText */: locale=null text=NodeOPCUA
applicationType /* ApplicationType */: SERVER ( 0)
gatewayServerUri /* String */: null
discoveryProfileUri /* String */: null
discoveryUrls /* String [] */: [ /* empty*/ ]
}
serverCertificate /* ByteString */
BUFFER{00000000: 30 82 04 11 30 82 02 f9 a0 03 02 01 02 02 02 10 1a 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 0...0..y.........0...*.H.w......
00000020: 30 28 31 12 30 10 06 03 55 04 0a 13 09 4e 6f 64 65 4f 50 43 55 41 31 12 30 10 06 03 55 04 03 13 0(1.0...U....NodeOPCUA1.0...U...
00000040: 09 4e 6f 64 65 4f 50 43 55 41 30 22 18 0f 32 30 31 38 30 32 31 30 32 30 33 38 31 33 5a 18 0f 32 .NodeOPCUA0"..20180210203813Z..2
00000060: 30 31 39 30 32 31 30 32 30 33 38 31 33 5a 30 28 31 12 30 10 06 03 55 04 0a 13 09 4e 6f 64 65 4f 0190210203813Z0(1.0...U....NodeO
00000080: 50 43 55 41 31 12 30 10 06 03 55 04 03 13 09 4e 6f 64 65 4f 50 43 55 41 30 82 01 22 30 0d 06 09 PCUA1.0...U....NodeOPCUA0.."0...
000000a0: 2a 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 ae 38 4e 06 c8 d2 13 *.H.w...........0.........8N.HR.
000000c0: b6 d1 6d 42 e7 1c 17 4f 68 9b da 5e 6d 79 82 d0 ea 6b 81 0c 05 bc 1d 23 ab ec 81 7c 1d 52 94 f2 6QmBg..Oh.Z^my.Pjk...<.#+l.|.R.r
000000e0: 5c fa 23 7a fc d2 5e f7 a3 85 94 29 97 07 85 01 cf 94 40 31 bd 56 d8 c0 4d ec 38 a9 c6 aa 40 20 \z#z|R^w#..)....O.@1=VX@Ml8)F*@.
00000100: 28 5e 4b b3 f0 53 a1 0d b9 d1 7d fa 3b 98 8e 04 44 8a 20 4a 23 c6 9b 31 8e 9d 98 2b 65 da a0 34 (^K3pS!.9Q}z;...D..J#F.1...+eZ.4
00000120: 64 f6 c6 6b 58 48 9c 3f 29 40 f9 ed 7f 08 dc 01 13 31 dc f1 6e f7 33 9d 79 6b 9b a0 42 80 16 16 dvFkXH.?)@ym..\..1\qnw3.yk..B...
00000140: d8 5a 33 78 99 5a b8 f2 60 40 b4 31 d3 f2 b6 f4 2c 5e d4 0f ef 97 f0 6e 76 7d 9e 9f 6f 15 35 07 XZ3x.Z8r`@41Sr6t,^T.o.pnv}..o.5.
00000160: a0 35 e8 81 58 94 f2 32 99 af fa 24 37 43 af fc f7 93 20 d5 2d 13 32 05 44 b1 ff 23 78 bb 84 42 .5h.X.r2./zC/|w..U-.2.D1.#x;.B
00000180: 33 8d ff c7 76 0b f3 42 20 7f 1f 5c 64 0a 45 b4 e6 26 53 9b b9 8a ab 7e cb 60 76 80 70 32 77 c1 3..Gv.sB...\d.E4f&S.9.+~K`v.p2wA
000001a0: f0 50 58 74 7a 51 e2 9f 34 8a 6c 6d b7 28 81 13 63 3a ec 02 5e 0b 1c 9f d9 02 03 01 00 01 a3 82 pPXtzQb.4.lm7(..c:l.^...Y.....#.
000001c0: 01 3f 30 82 01 3b 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 1d 06 03 55 1d 0e 04 16 04 14 f6 .?0..;0...U.......0.0...U......v
000001e0: 48 db df 7d da 78 08 c3 b6 b4 72 31 68 1b 1e 0b 13 a6 0f 30 51 06 03 55 1d 23 04 4a 30 48 80 14 H[_}Zx.C64r1h....&.0Q..U.#.J0H..
00000200: f6 48 db df 7d da 78 08 c3 b6 b4 72 31 68 1b 1e 0b 13 a6 0f a1 2c a4 2a 30 28 31 12 30 10 06 03 vH[_}Zx.C64r1h....&.!,$*0(1.0...
00000220: 55 04 0a 13 09 4e 6f 64 65 4f 50 43 55 41 31 12 30 10 06 03 55 04 03 13 09 4e 6f 64 65 4f 50 43 U....NodeOPCUA1.0...U....NodeOPC
00000240: 55 41 82 02 10 1a 30 59 06 03 55 1d 11 04 52 30 50 86 2b 75 72 6e 3a 6f 70 63 75 61 64 65 6d 6f UA....0Y..U...R0P.+urn:opcuademo
00000260: 2e 73 74 65 72 66 69 76 65 2e 63 6f 6d 3a 4e 6f 64 65 4f 50 43 55 41 2d 53 65 72 76 65 72 82 09 .sterfive.com:NodeOPCUA-Server..
00000280: 6c 6f 63 61 6c 68 6f 73 74 82 16 6f 70 63 75 61 64 65 6d 6f 2e 73 74 65 72 66 69 76 65 2e 63 6f localhost..opcuademo.sterfive.co
000002a0: 6d 30 2c 06 09 60 86 48 01 86 f8 42 01 0d 04 1f 16 1d 4f 70 65 6e 53 53 4c 20 47 65 6e 65 72 61 m0,..`.H..xB......OpenSSL.Genera
000002c0: 74 65 64 20 43 65 72 74 69 66 69 63 61 74 65 30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 02 fc 30 ted.Certificate0...U..........|0
000002e0: 20 06 03 55 1d 25 01 01 ff 04 16 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 2b 06 01 05 05 07 03 ...U.%.....0...+.........+......
00000300: 02 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 82 01 01 00 28 bd 1c bd 5f f3 eb a1 82 6b ea .0...*.H.w...........(=.=_sk!.kj
00000320: 6c 06 d9 7d fe 0d 0d 3a 4b 58 8d a4 e5 e1 7a fb f7 21 e6 89 5b 39 cd b7 56 21 21 3f 56 cd 2d 33 l.Y}~..:KX.$eaz{w!f.[9M7V!!?VM-3
00000340: 85 98 c8 ce d1 b1 51 58 8a 3c cc 65 f4 e3 5f e7 c2 90 4e d4 3d ce 11 03 3c d8 ea 10 ab 42 ce 9f ..HNQ1QX.<Letc_gB.NT=N..<Xj.+BN.
00000360: 40 0b d0 e0 fc 35 a7 bf 4f e1 6d 30 40 a6 80 b6 91 ee b4 b0 23 b5 dd 12 c9 20 ba 49 fe 8d 01 86 @.P`|5'?Oam0@&.6.n40#5].I.:I~...
00000380: ff 25 30 09 df 11 67 7c a3 b7 3b 40 c0 ba 47 3e c8 b1 a4 43 6f 3a 13 df 07 98 e0 bc f2 d2 47 d9 .%0._.g|#7;@@:G>H1$Co:._..`<rRGY
000003a0: 5e 61 d6 d1 57 7c 70 50 c9 26 6b d1 99 04 be 89 28 81 c2 c0 ef 96 4f 6c 3b 6d f3 83 d8 55 f4 b6 ^aVQW|pPI&kQ..>.(.B@o.Ol;ms.XUt6
000003c0: 1f 0d bb bb ab 23 e0 95 28 37 44 59 11 e4 da d0 d9 7f a8 10 db a7 47 6f 23 1f 13 0a b3 47 57 9a ..;;+#`.(7DY.dZPY.(.['Go#...3GW.
000003e0: ff 55 fa 62 c3 31 3c 63 46 f2 40 65 6d af e5 23 30 a9 59 ef 67 22 50 33 11 13 9b f7 68 18 12 52 .UzbC1<cFr@em/e#0)Yog"P3...wh..R
.... ( 1045)}
securityMode /* MessageSecurityMode */: SIGN ( 2)
securityPolicyUri /* String */: http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256
userIdentityTokens /* UserTokenPolicy [] */: [
{ /*0*/
policyId /* String */: usernamePassword
tokenType /* EnumUserIdentityTokenType */: USERNAME ( 1)
issuedTokenType /* String */: null
issuerEndpointUrl /* String */: null
securityPolicyUri /* String */: null
},
{ /*1*/
policyId /* String */: anonymous
tokenType /* EnumUserIdentityTokenType */: ANONYMOUS ( 0)
issuedTokenType /* String */: null
issuerEndpointUrl /* String */: null
securityPolicyUri /* String */: null
}
]
transportProfileUri /* String */: http://opcfoundation.org/UA-Profile/Transport/uatcp-uasc-uabinary
securityLevel /* Byte */: 3
};
done
但是如果我尝试在 OPCUA 模拟服务器 (https://www.prosysopc.com/products/opc-ua-simulation-server/) 上使用它,我会收到以下错误:
Yes! the server support this endpoints:
{ /*EndpointDescription*/
endpointUrl /* String */: opc.tcp://Ingos-MBP.fritz.box:53530
server /* ApplicationDescription */: {
applicationUri /* String */: urn:Ingos-MBP.fritz.box:OPCUA:SimulationServer
productUri /* String */: urn:prosysopc.com:OPCUA:SimulationServer
applicationName /* LocalizedText */: locale= text=SimulationServer
applicationType /* ApplicationType */: SERVER ( 0)
gatewayServerUri /* String */: null
discoveryProfileUri /* String */: null
discoveryUrls /* String [] */: [ opc.tcp://Ingos-MBP.fritz.box:53530] (l=1)
}
serverCertificate /* ByteString */
BUFFER{00000000: 30 82 04 05 30 82 02 ed a0 03 02 01 02 02 06 01 62 d3 9c 26 d8 30 0d 06 09 2a 86 48 86 f7 0d 01 0...0..m........bS.&X0...*.H.w..
00000020: 01 0b 05 00 30 59 31 19 30 17 06 03 55 04 03 0c 10 53 69 6d 75 6c 61 74 69 6f 6e 53 65 72 76 65 ....0Y1.0...U....SimulationServe
00000040: 72 31 13 30 11 06 03 55 04 0a 0c 0a 50 72 6f 73 79 73 20 4f 50 43 31 27 30 25 06 0a 09 92 26 89 r1.0...U....Prosys.OPC1'0%....&.
00000060: 93 f2 2c 64 01 19 16 17 49 6e 67 6f 73 2d 4d 61 63 42 6f 6f 6b 2d 50 72 6f 2e 6c 6f 63 61 6c 30 .r,d....Ingos-MacBook-Pro.local0
00000080: 1e 17 0d 31 38 30 34 31 37 31 31 33 37 32 38 5a 17 0d 32 38 30 34 31 34 31 32 33 37 32 38 5a 30 ...180417113728Z..280414123728Z0
000000a0: 59 31 19 30 17 06 03 55 04 03 0c 10 53 69 6d 75 6c 61 74 69 6f 6e 53 65 72 76 65 72 31 13 30 11 Y1.0...U....SimulationServer1.0.
000000c0: 06 03 55 04 0a 0c 0a 50 72 6f 73 79 73 20 4f 50 43 31 27 30 25 06 0a 09 92 26 89 93 f2 2c 64 01 ..U....Prosys.OPC1'0%....&..r,d.
000000e0: 19 16 17 49 6e 67 6f 73 2d 4d 61 63 42 6f 6f 6b 2d 50 72 6f 2e 6c 6f 63 61 6c 30 82 01 22 30 0d ...Ingos-MacBook-Pro.local0.."0.
00000100: 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 a2 69 8f bb b8 ..*.H.w...........0........"i.;8
00000120: 8c 12 6b c8 41 bc 58 75 34 6e 58 e2 fb 0a 25 8e af 4b 27 ec c7 97 7d 41 e6 7c 48 dc 92 0e dd ec ..kHA<Xu4nXb{.%./K'lG.}Af|H\..]l
00000140: bf 88 fc a4 80 e1 47 a2 3d 85 be 83 85 7a 18 37 55 55 3f 8a 55 a4 e6 51 94 43 5e 67 bb 08 e2 ab ?.|$.aG"=.>..z.7UU?.U$fQ.C^g;.b+
00000160: 0a 93 c3 d7 8f a2 c4 53 83 3c 3a bd 49 62 a3 89 5d 76 71 a0 ef 29 0a 20 43 78 a5 00 29 7a 5d 57 ..CW."DS.<:=Ib#.]vq.o)..Cx%.)z]W
00000180: 40 e5 e8 e7 37 ce 7a 9f d9 d1 8a 49 5f 42 24 7d 27 1f 99 fc e9 60 11 d5 b2 2d 99 32 bf a7 f9 ca @ehg7Nz.YQ.I_B$}'..|i`.U2-.2?'yJ
000001a0: bf f1 ad 9b b9 bf c1 90 b4 fe 72 3e 93 a9 93 1e 7f 48 9c 38 3a 76 fd 34 d2 35 b9 39 86 15 f4 1f ?q-.9?A.4~r>.)...H.8:v}4R599..t.
000001c0: 32 cf 5e e4 86 e3 f9 04 b7 68 0b d5 54 e8 cb ca 0e 01 df 45 df bb 9c 6b 31 35 62 c5 cf f0 65 a7 2O^d.cy.7h.UThKJ.._E_;.k15bEOpe'
000001e0: a5 c8 48 0a 4a 8d a1 e1 1c e1 fb 9c 2a 5e 37 26 2f 1d 2c 87 c7 25 3a fc 44 03 bb 30 94 a1 aa fb %HH.J.!a.a{.*^7&/.,.G%:|D.;0.!*{
00000200: 64 7c 0f 64 db 4e 6d b0 84 35 d7 83 09 7a 9d f3 eb a1 cd 84 7a 70 97 84 f1 38 3d 02 03 01 00 01 d|.d[Nm0.5W..z.sk!M.zp..q8=.....
00000220: a3 81 d2 30 81 cf 30 1f 06 03 55 1d 23 04 18 30 16 80 14 a9 84 09 5c 21 73 e4 fc 4e 0c 55 9d 12 #.R0.O0...U.#..0...)..\!sd|N.U..
00000240: b2 f8 5c 89 96 a6 ed 30 1d 06 03 55 1d 0e 04 16 04 14 a9 84 09 5c 21 73 e4 fc 4e 0c 55 9d 12 b2 2x\..&m0...U......)..\!sd|N.U..2
00000260: f8 5c 89 96 a6 ed 30 09 06 03 55 1d 13 04 02 30 00 30 0b 06 03 55 1d 0f 04 04 03 02 02 f4 30 1d x\..&m0...U....0.0...U.......t0.
00000280: 06 03 55 1d 25 04 16 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 2b 06 01 05 05 07 03 02 30 56 06 ..U.%..0...+.........+.......0V.
000002a0: 03 55 1d 11 04 4f 30 4d 86 32 75 72 6e 3a 49 6e 67 6f 73 2d 4d 61 63 42 6f 6f 6b 2d 50 72 6f 2e .U...O0M.2urn:Ingos-MacBook-Pro.
000002c0: 6c 6f 63 61 6c 3a 4f 50 43 55 41 3a 53 69 6d 75 6c 61 74 69 6f 6e 53 65 72 76 65 72 82 17 49 6e local:OPCUA:SimulationServer..In
000002e0: 67 6f 73 2d 4d 61 63 42 6f 6f 6b 2d 50 72 6f 2e 6c 6f 63 61 6c 30 0d 06 09 2a 86 48 86 f7 0d 01 gos-MacBook-Pro.local0...*.H.w..
00000300: 01 0b 05 00 03 82 01 01 00 53 fa ea dd ed 2e f2 ec 25 14 f8 9c 0f 1b 3f 93 90 3f b9 de 48 b1 9d .........Szj]m.rl%.x...?..?9^H1.
00000320: 7d 32 d7 6b 6b df f1 56 b1 06 e7 69 4e c0 c9 c9 81 fd 3d af fc c5 db 6a 2d d2 d0 d1 77 7e 46 da }2Wkk_qV1.giN@II.}=/|E[j-RPQw~FZ
00000340: 09 ad ed 1b 50 ea 1b 7f 2a da f5 4d 02 25 ec 30 18 d7 2c 82 f2 a0 b7 fc c4 01 53 51 20 c3 20 b4 .-m.Pj..*ZuM.%l0.W,.r.7|D.SQ.C.4
00000360: 40 97 39 54 c6 0b 3e 92 ba a5 eb 15 66 43 b4 6f fe f5 57 3a fe e1 79 fa 73 5f 0b ee 3d e2 b1 f6 @.9TF.>.:%k.fC4o~uW:~ayzs_.n=b1v
00000380: 41 b1 74 d6 93 dc b9 70 7a 17 aa e4 a9 2b a6 6c dd bc a8 23 e2 22 14 ef 4e 6e ab f9 19 86 40 fb A1tV.pz.*d)+&l]<(#b".oNn+y..@{
000003a0: e7 d3 be 09 18 47 51 bf 00 b7 35 99 d0 fb 1c 7f a7 0d 65 38 7e 84 9c f5 bc c2 af 29 d0 dc f6 8a gS>..GQ?.75.P{..'.e8~..u<B/)P\v.
000003c0: 79 2d 3e 67 c4 92 ea 9f 67 29 17 3b 1a 9a 5c 26 53 62 bd 47 c5 ce 51 fb 9c b9 81 7c 56 31 87 aa y->gD.j.g).;..\&Sb=GENQ{.9.|V1.*
000003e0: 02 fd 47 32 5c bd 24 5b 47 e3 d3 63 9a 22 72 89 6c 47 64 8a ba 0b 78 b5 60 60 30 5e d0 9f c6 44 .}G2\=$[GcSc."r.lGd.:.x5``0^P.FD
.... ( 1033)}
securityMode /* MessageSecurityMode */: SIGN ( 2)
securityPolicyUri /* String */: http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256
userIdentityTokens /* UserTokenPolicy [] */: [
{ /*0*/
policyId /* String */: anonymous
tokenType /* EnumUserIdentityTokenType */: ANONYMOUS ( 0)
issuedTokenType /* String */: null
issuerEndpointUrl /* String */: null
securityPolicyUri /* String */: null
}
]
transportProfileUri /* String */: http://opcfoundation.org/UA-Profile/Transport/uatcp-uasc-uabinary
securityLevel /* Byte */: 1
};
ERROR RECEIVED FROM SENDER BadSecurityChecksFailed (0x80130000) Bad_SecurityChecksFailed (code=0x80130000, description="An error occurred verifying security.")
00000000: 45 52 52 46 6f 00 00 00 00 00 13 80 5f 00 00 00 42 61 64 5f 53 65 63 75 72 69 74 79 43 68 65 63 ERRFo......._...Bad_SecurityChec
00000020: 6b 73 46 61 69 6c 65 64 20 28 63 6f 64 65 3d 30 78 38 30 31 33 30 30 30 30 2c 20 64 65 73 63 72 ksFailed.(code=0x80130000,.descr
00000040: 69 70 74 69 6f 6e 3d 22 41 6e 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 20 76 65 72 69 66 79 iption="An.error.occurred.verify
00000060: 69 6e 67 20 73 65 63 75 72 69 74 79 2e 22 29 ing.security.")
message was
undefined
message was 2: { /*OpenSecureChannelRequest*/
requestHeader /* RequestHeader */: {
authenticationToken /* NodeId */: ns=0;i=0
timeStamp /* UtcTime */: 2018-06-03T20:17:27.545Z
requestHandle /* IntegerId */: 1 0x1
returnDiagnostics /* UInt32 */: 0 0x0
auditEntryId /* UAString */: null
timeoutHint /* UInt32 */: 0 0x0
additionalHeader /* ExtensionObject */: null
}
clientProtocolVersion /* UInt32 */: 0 0x0
requestType /* SecurityTokenRequestType */: ISSUE ( 0)
securityMode /* MessageSecurityMode */: SIGN ( 2)
clientNonce /* ByteString */
BUFFER{00000000: 7b 08 31 37 c9 48 ef a9 1a a5 47 67 7b e2 e7 18 42 24 27 ca 04 a4 ad aa 0f 01 4d 27 18 c1 36 09 {.17IHo).%Gg{bg.B$'J.$-*..M'.A6.
}
requestedLifetime /* UInt32 */: 600000 0x927c0
};
ERROR RECEIVED FROM SENDER BadSecurityChecksFailed (0x80130000) Bad_SecurityChecksFailed (code=0x80130000, description="An error occurred verifying security.")
00000000: 45 52 52 46 6f 00 00 00 00 00 13 80 5f 00 00 00 42 61 64 5f 53 65 63 75 72 69 74 79 43 68 65 63 ERRFo......._...Bad_SecurityChec
00000020: 6b 73 46 61 69 6c 65 64 20 28 63 6f 64 65 3d 30 78 38 30 31 33 30 30 30 30 2c 20 64 65 73 63 72 ksFailed.(code=0x80130000,.descr
00000040: 69 70 74 69 6f 6e 3d 22 41 6e 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 20 76 65 72 69 66 79 iption="An.error.occurred.verify
00000060: 69 6e 67 20 73 65 63 75 72 69 74 79 2e 22 29 ing.security.")
message was
undefined
message was 2: { /*OpenSecureChannelRequest*/
requestHeader /* RequestHeader */: {
authenticationToken /* NodeId */: ns=0;i=0
timeStamp /* UtcTime */: 2018-06-03T20:17:27.545Z
requestHandle /* IntegerId */: 1 0x1
returnDiagnostics /* UInt32 */: 0 0x0
auditEntryId /* UAString */: null
timeoutHint /* UInt32 */: 0 0x0
additionalHeader /* ExtensionObject */: null
}
clientProtocolVersion /* UInt32 */: 0 0x0
requestType /* SecurityTokenRequestType */: ISSUE ( 0)
securityMode /* MessageSecurityMode */: SIGN ( 2)
clientNonce /* ByteString */
BUFFER{00000000: 7b 08 31 37 c9 48 ef a9 1a a5 47 67 7b e2 e7 18 42 24 27 ca 04 a4 ad aa 0f 01 4d 27 18 c1 36 09 {.17IHo).%Gg{bg.B$'J.$-*..M'.A6.
}
requestedLifetime /* UInt32 */: 600000 0x927c0
};
(node:1235) UnhandledPromiseRejectionWarning: Error: _socket has been disconnected by third party
at ClientTCP_transport.TCP_transport._on_socket_ended_message (/Users/ingokaiser/Downloads/0/node_modules/node-opcua-transport/src/tcp_transport.js:267:18)
at Socket.<anonymous> (/Users/ingokaiser/Downloads/0/node_modules/node-opcua-transport/src/tcp_transport.js:333:14)
at emitNone (events.js:111:20)
at Socket.emit (events.js:208:7)
at endReadableNT (_stream_readable.js:1064:12)
at _combinedTickCallback (internal/process/next_tick.js:138:11)
at process._tickCallback (internal/process/next_tick.js:180:9)
(node:1235) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). (rejection id:1)
(node:1235) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.
这是服务器配置:
我在这里错过了什么?