OPCUA Client invalid endpoint error node-red-contrib-opcua

Dear all,

right now I'm facing a strange issue. I want to use S7-1200 PLC (correct firmware for opcua) with TIA portal. S7-1200 is opcua server, nod-red shall be opcua client. Also I'm using ua expert as an opcua client test software. With ua expert, I get correct data via OPCUA. If I'm using nod red and want to read out measurement data of a sensor, it doesn't work.

I simply use a nod inject, which goes to opcua client, which is connected with a gauge in nod red.
Datatype and nod identifier should be correct. My problem is, if I want to deploy my configuration in nod red, I get following error:

invalid Endpoint error: Cannot find private key C:.....\private_key.pem

I'm using no private key and no certificate. It's just for a quick test. Endpoint setting should be also correct. I've just chosen opcua server adress.

Client uses certificate manager, if it cannot create folder it could cause this kind of error.
Make sure that node-red has permissions to create needed folders.
Investigate console log more detailed.

Thank you for your answer! The only error, which is shown is following:

cannot find file: C:\Users.....\openssl.exe
openssl seems to be missing and need to be installed

Is openssl required for using opcua client? If so, I will test

Yes it is needed. Normally node-opcua (certificate manager) will install it silently.
Of course it will need internet connection to be able to download it.

@mikakaraila, I installed OPCUA on a system then deployed it to a folder using Node-RED-Alternate-Installer. Then I'm having this same situation.

28 Sep 14:25:32 - [warn] [OpcUa-Client:ac877344.62b8a] OpcUaClientNode: Case B: UserName & password does not match to server (needed by Sign): undefined undefined
28 Sep 14:25:33 - [warn] [OpcUa-Client:1157788a.254107] OpcUaClientNode: Case A: Endpoint does not contain, 1==None 2==Sign 3==Sign&Encrypt securityMode:[1] securityPolicy:["http://opcfoundation.org/UA/SecurityPolicy#None"]
28 Sep 14:25:33 - [warn] [OpcUa-Client:1157788a.254107] OpcUaClientNode: Case B: UserName & password does not match to server (needed by Sign): undefined undefined
28 Sep 14:25:33 - [warn] [OpcUa-Client:ea57229e.940c] OpcUaClientNode: Case A: Endpoint does not contain, 1==None 2==Sign 3==Sign&Encrypt securityMode:[1] securityPolicy:["http://opcfoundation.org/UA/SecurityPolicy#None"]
28 Sep 14:25:33 - [warn] [OpcUa-Client:ea57229e.940c] OpcUaClientNode: Case B: UserName & password does not match to server (needed by Sign): undefined undefined
28 Sep 14:25:33 - [warn] [OpcUa-Client:1d5f86fb.18f339] OpcUaClientNode: Case A: Endpoint does not contain, 1==None 2==Sign 3==Sign&Encrypt securityMode:[1] securityPolicy:["http://opcfoundation.org/UA/SecurityPolicy#None"]
28 Sep 14:25:33 - [warn] [OpcUa-Client:1d5f86fb.18f339] OpcUaClientNode: Case B: UserName & password does not match to server (needed by Sign): undefined undefined

This PC cannot get to the internet due to its location on our network. You mentioned the client should have rights to create this file which

The node has this error.
Invalid endpoint Errror: Cannot find private key C:\WINDOWS\System32\config\sysemprofile\AppData\Roaming\node-red-opcua-nodejs\Config\PKI\private_key.pem

Please help me understand what I can do to fix this? I have other systems which are connecting to Kepware and work OK as far as local tags and no authentication. This is one which I installed and upgraded today.

In version 0.2.85. the option is "None, No Certificate used" Now in 0.2.289 its "None, Use Generated self-signed Certificate". Would it be possible to have an option which allows you to completely remove and allow no security for at least test purposes? Please help. How do I allow it to do what it needs or, how do I create and get the file in the right place?

Downloaded openssl AND IT WORKS!

1 Like