'DeclarationProperty CheckEndpointDomain As Boolean
'UsageDim instance As _UAClientSessionParameters Dim value As Boolean instance.CheckEndpointDomain = value value = instance.CheckEndpointDomain
bool CheckEndpointDomain {get; set;}
In order to obtain or modify this parameter, in the default state (when OpcLabs.EasyOpc.UA.EasyUAClientCore.Isolated equals to false), access OpcLabs.EasyOpc.UA.Engine.UAClientAdaptableParameters.SessionParameters property of static OpcLabs.EasyOpc.UA.EasyUAClientCore.AdaptableParameters. If you have set OpcLabs.EasyOpc.UA.EasyUAClientCore.Isolated to true, you need to access OpcLabs.EasyOpc.UA.Engine.UAClientAdaptableParameters.SessionParameters property of OpcLabs.EasyOpc.UA.EasyUAClientCore.IsolatedParameters.
This method or property does not throw any exceptions, aside from execution exceptions such as System.Threading.ThreadAbortException or System.OutOfMemoryException.
// This example shows how in a console application, the user is asked to allow a server instance certificate with // mismatched domain name. using System; using OpcLabs.EasyOpc.UA; using OpcLabs.EasyOpc.UA.OperationModel; namespace UADocExamples.Interaction { class AllowEndpointDomain { public static void Main1() { // Define which server we will work with. // Note that extra '.' at the end of the domain name. For the purpose of this example, it allows us to address // the same domain, but cause a mismatch with what the names that are listed in the server instance certificate. UAEndpointDescriptor endpointDescriptor = "opc.tcp://opcua.demo-this.com.:51210/UA/SampleServer"; // Instantiate the client object. var client = new EasyUAClient() { // Enforce the endpoint domain check. Isolated = true, IsolatedParameters = {SessionParameters = {CheckEndpointDomain = true}} }; UAAttributeData attributeData; try { // Obtain attribute data. // The component automatically triggers the necessary user interaction during the first operation. attributeData = client.Read(endpointDescriptor, "nsu=http://test.org/UA/Data/ ;i=10853"); } catch (UAException uaException) { Console.WriteLine("*** Failure: {0}", uaException.GetBaseException().Message); return; } // Display results. Console.WriteLine("Value: {0}", attributeData.Value); Console.WriteLine("ServerTimestamp: {0}", attributeData.ServerTimestamp); Console.WriteLine("SourceTimestamp: {0}", attributeData.SourceTimestamp); Console.WriteLine("StatusCode: {0}", attributeData.StatusCode); } } }
# This example shows how in a console application, the user is asked to allow a server instance certificate with # mismatched domain name. # The QuickOPC package is needed. Install it using "pip install opclabs_quickopc". import opclabs_quickopc # Import .NET namespaces. from OpcLabs.EasyOpc.UA import * from OpcLabs.EasyOpc.UA.OperationModel import * # Define which server we will work with. # Note that extra '.' at the end of the domain name. For the purpose of this example, it allows us to address # the same domain, but cause a mismatch with what the names that are listed in the server instance certificate. endpointDescriptor = UAEndpointDescriptor('opc.tcp://opcua.demo-this.com.:51210/UA/SampleServer') # Instantiate the client object. client = EasyUAClient() # Enforce the endpoint domain check. client.Isolated = True client.IsolatedParameters.SessionParameters.CheckEndpointDomain = True try: # Obtain attribute data. # The component automatically triggers the necessary user interaction during the first operation. attributeData = IEasyUAClientExtension.Read(client, endpointDescriptor, UANodeDescriptor('nsu=http://test.org/UA/Data/ ;i=10853')) except UAException as uaException: print('*** Failure: ' + uaException.GetBaseException().Message) exit() # Display results. print('Value: ', attributeData.Value) print('ServerTimestamp: ', attributeData.ServerTimestamp) print('SourceTimestamp: ', attributeData.SourceTimestamp) print('StatusCode: ', attributeData.StatusCode) print() print('Finished.')
' This example shows how in a console application, the user is asked to allow a server instance certificate with ' mismatched domain name. Imports OpcLabs.EasyOpc.UA Imports OpcLabs.EasyOpc.UA.OperationModel Imports OpcLabs.EasyOpc.UA.Engine Namespace Interaction Friend Class AllowEndpointDomain Public Shared Sub Main1() ' Define which server we will work with. ' Note that extra '.' at the end of the domain name. For the purpose of this example, it allows us to address ' the same domain, but cause a mismatch with what the names that are listed in the server instance certificate. Dim endpointDescriptor As UAEndpointDescriptor = "opc.tcp://opcua.demo-this.com.:51210/UA/SampleServer" ' Instantiate the client object. Dim client = New EasyUAClient() With _ { _ .Isolated = True, _ .IsolatedParameters = New EasyUAAdaptableParameters() With _ { _ .SessionParameters = New UASmartSessionParameters() With _ { _ .CheckEndpointDomain = True _ } _ } _ } Dim attributeData As UAAttributeData Try ' Obtain attribute data. ' The component automatically triggers the necessary user interaction during the first operation. attributeData = client.Read(endpointDescriptor, "nsu=http://test.org/UA/Data/ ;i=10853") Catch uaException As UAException Console.WriteLine("*** Failure: {0}", uaException.GetBaseException.Message) Exit Sub End Try ' Display results. Console.WriteLine("Value: {0}", attributeData.Value) Console.WriteLine("ServerTimestamp: {0}", attributeData.ServerTimestamp) Console.WriteLine("SourceTimestamp: {0}", attributeData.SourceTimestamp) Console.WriteLine("StatusCode: {0}", attributeData.StatusCode) End Sub End Class End Namespace
// This example shows how in a console application, the user is asked to allow a server instance certificate with // mismatched domain name. class procedure AllowEndpointDomain.Main; var AttributeData: _UAAttributeData; Client: _EasyUAClient; EndpointDescriptor: string; begin // Define which server we will work with. // Note that extra '.' at the end of the domain name. For the purpose of this example, it allows us to address // the same domain, but cause a mismatch with what the names that are listed in the server instance certificate. EndpointDescriptor := 'opc.tcp://opcua.demo-this.com.:51210/UA/SampleServer'; // Instantiate the client object. Client := CoEasyUAClient.Create; // Enforce the endpoint domain check. Client.Isolated := true; Client.IsolatedParameters.SessionParameters.CheckEndpointDomain := true; try // Obtain attribute data. // The component automatically triggers the necessary user interaction during the first operation. AttributeData := Client.Read(EndpointDescriptor, 'nsu=http://test.org/UA/Data/ ;i=10853'); except on E: EOleException do begin WriteLn(Format('*** Failure: %s', [E.GetBaseException.Message])); Exit; end; end; // Display results. WriteLn('Value: ', AttributeData.Value); WriteLn('ServerTimestamp: ', DateTimeToStr(AttributeData.ServerTimestamp)); WriteLn('SourceTimestamp: ', DateTimeToStr(AttributeData.SourceTimestamp)); WriteLn('StatusCode: ', AttributeData.StatusCode.ToString); end;
Rem This example shows how in a console application, the user is asked to allow a server instance certificate with Rem mismatched domain name. Option Explicit ' Define which server we will work with. ' Note that extra '.' at the end of the domain name. For the purpose of this example, it allows us to address ' the same domain, but cause a mismatch with what the names that are listed in the server instance certificate. Dim endpointDescriptor: endpointDescriptor = "opc.tcp://opcua.demo-this.com.:51210/UA/SampleServer" ' Instantiate the client object. Dim Client: Set Client = CreateObject("OpcLabs.EasyOpc.UA.EasyUAClient") ' Enforce the endpoint domain check. Client.Isolated = True Client.IsolatedParameters.SessionParameters.CheckEndpointDomain = True ' Obtain attribute data. ' The component automatically triggers the necessary user interaction during the first operation. On Error Resume Next Dim AttributeData: Set AttributeData = Client.Read(endpointDescriptor, "nsu=http://test.org/UA/Data/ ;i=10853") If Err.Number <> 0 Then WScript.Echo "*** Failure: " & Err.Source & ": " & Err.Description WScript.Quit End If On Error Goto 0 ' Display results WScript.Echo "Value: " & AttributeData.Value WScript.Echo "ServerTimestamp: " & AttributeData.ServerTimestamp WScript.Echo "SourceTimestamp: " & AttributeData.SourceTimestamp WScript.Echo "StatusCode: " & AttributeData.StatusCode ' Example output: ' 'OPC-UA Endpoint Domain Mismatch 'The effective host name in endpoint URL returned by the server does not match any of the domain names in the server certificate. 'Endpoint URL as returned by the server: opc.tcp://opcua.demo-this.com.:51210/UA/SampleServer 'The server certificate is for following domain names or IP addresses: opcua.demo-this.com 'This may be an indication of a spoofing attempt. Do you want to allow the endpoint anyway? [Y/n]: Y 'Value: -1.285897E+14 'ServerTimestamp: 11/28/2019 1:34:23 PM 'SourceTimestamp: 11/28/2019 1:34:23 PM 'StatusCode: Good