I'm experiencing a BadCertificateHostNameInvalid when accessing to my opcua server through UaExpert after I try to change my server configuration using user manager and security policy Basic256Sha256 and messageSecurityMode SignAndEncrypt. Before this changes I used to have allowAnonymous on False and securityModes on none. also I used to secure my server with certificateFiles.
This error I get is just like a warning, I can ignore it and my server works fine but I would like to avoid it. I copy an image of the warning here.
enter image description here
Code before:
allowAnonymous: True
certificateFile: certificateFile
privateKeyFile: privateKeyFile
securityPolicies: None
securityMode: None
Code After:
allowAnonymous: False
certificateFile: certificateFile
privateKeyFile: privateKeyFile
securityPolicies: Basic256Sha256
securityMode: SignAndEncrypt
userManager: userManager
Resume:
I try to add userManager to my server and we are having an error with BadCertificateHostNameInvalid code.
I expect to don't get this error and have the server working properly with this new user configuration apart from the certificates.
You have to create a certificate for the server, with a AlternativeSubjectName that contains the hostname/dnsname of the server, to get ride of the error message.
When you use SecurityPolicy None then no certificate is used in the communication, so there is no error.