Fix OPC UA adapter: pass connection details, certificate stores, endpoint discovery

- DataConnectionActor now stores and passes connection details to adapter ConnectAsync - DataConnectionManagerActor passes connection details when creating actor - RealOpcUaClient uses DiscoveryClient for endpoint selection with no-security preference - Added certificate trust store paths to prevent TrustedIssuerCertificates error - Sanitize connection names for Akka actor paths (replace spaces)
2026-03-17 12:19:44 -04:00
parent 8e1d0816b3
commit 1b06a4971e
3 changed files with 35 additions and 9 deletions
--- a/src/ScadaLink.DataConnectionLayer/Adapters/RealOpcUaClient.cs
+++ b/src/ScadaLink.DataConnectionLayer/Adapters/RealOpcUaClient.cs
@@ -26,7 +26,10 @@ public class RealOpcUaClient : IOpcUaClient
            SecurityConfiguration = new SecurityConfiguration
            {
                AutoAcceptUntrustedCertificates = true,
-                ApplicationCertificate = new CertificateIdentifier()
+                ApplicationCertificate = new CertificateIdentifier(),
+                TrustedIssuerCertificates = new CertificateTrustList { StorePath = Path.Combine(Path.GetTempPath(), "ScadaLink", "pki", "issuers") },
+                TrustedPeerCertificates = new CertificateTrustList { StorePath = Path.Combine(Path.GetTempPath(), "ScadaLink", "pki", "trusted") },
+                RejectedCertificateStore = new CertificateTrustList { StorePath = Path.Combine(Path.GetTempPath(), "ScadaLink", "pki", "rejected") }
            },
            ClientConfiguration = new ClientConfiguration { DefaultSessionTimeout = 60000 },
            TransportQuotas = new TransportQuotas { OperationTimeout = 15000 }
@@ -35,11 +38,26 @@ public class RealOpcUaClient : IOpcUaClient
        await appConfig.ValidateAsync(ApplicationType.Client);
        appConfig.CertificateValidator.CertificateValidation += (_, e) => e.Accept = true;

-        var endpoint = new EndpointDescription(endpointUrl)
+        // Discover endpoints from the server, pick the no-security one
+        EndpointDescription? endpoint;
+        try
        {
-            SecurityMode = MessageSecurityMode.None,
-            SecurityPolicyUri = SecurityPolicies.None
-        };
+#pragma warning disable CS0618
+            using var discoveryClient = DiscoveryClient.Create(new Uri(endpointUrl));
+#pragma warning restore CS0618
+#pragma warning disable CS0618
+            var endpoints = discoveryClient.GetEndpoints(null);
+#pragma warning restore CS0618
+            endpoint = endpoints
+                .Where(e => e.SecurityMode == MessageSecurityMode.None)
+                .FirstOrDefault() ?? endpoints.FirstOrDefault();
+        }
+        catch
+        {
+            // Fallback: construct endpoint description manually
+            endpoint = new EndpointDescription(endpointUrl);
+        }
+
        var endpointConfig = EndpointConfiguration.Create(appConfig);
        var configuredEndpoint = new ConfiguredEndpoint(null, endpoint, endpointConfig);