Possible Causes of Connection Setup Failure

For PCo 15.1, a new version of the OPC library, which sets stricter standards when checking certificates than was the case until now, has been integrated into PCo. This means that even if you use an endpoint with the security mode None, a certificate check might fail, even though the configuration you are using worked in earlier releases. In this case, the connection to the OPC UA server is not set up. You get the following message:

Session Creation failed [BadCertificateHostNameInvalid].

This message usually appears if there is no match between the host name used in the server endpoint and the host name that the server uses in its application certificate. If the server simply uses only its host name <serverhost> in its certificate while the endpoint uses the fully qualified host name, the server certificate is not trusted and the connection cannot be set up.

To solve the problem, you can do the following:

• Modify the host name in the endpoint definition

• Modify the host name in the server certificate

• Store the application certificate of the server in the Store for Trusted Server Certificates, and on the Security tab for the OPC UA source system, under Validation Options, select the option Host Name in the Suppress Validation Errors screen area.