View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0010047CTT UA Scripts1 - Script Issuepublic2024-12-03 08:502025-08-01 16:01
ReporterJuan Antonio Castillo Assigned ToSebastian Allmendinger  
PrioritynormalSeveritymajorReproducibilityalways
Status resolvedResolutionfixed 
Summary0010047: RequestedLifetime not sent correctly in secure channel opening
Description

Problem Summary: The OPC UA client does not send the RequestedLifetime parameter correctly in secure channel opening requests, causing communication failures when the server returns a RevisedLifetime of 0.

Impact: OPC UA communication is entirely blocked, and secure connections cannot be established.

Action Required: Fix the client implementation to correctly send RequestedLifetime and handle scenarios where the server responds with unexpected values or 0 (default value sent).

Steps To Reproduce
  • Configure an OPC UA client to open a secure channel with an OPC server.
  • Change the RequestedLifetime to 300000
  • Ensure the client sends a secure channel opening request with the RequestedLifetime parameter.
  • To inspect the requests, you can use packet analysis software such as Wireshark.
  • Observe the server's response.
  • Check the default RequestedLifetime sent is 0 and the returned can be 0 (depends on server)
  • Check if the RevisedLifetime returned is 0 and if the client throws the error BadInvalidArgument.
TagsNo tags attached.
Files Affected

/library/ServiceBased/SecureChannel/OpenSecureChannel.js
/default.ctt.xml

Relationships

related to 0010441 assignedSebastian Allmendinger CTT UA Test Case RequestedLifetime not sent correctly in secure channel opening 

Activities

Paul Hunkar

2025-07-17 16:00

administrator   ~0023135

the initial change is that the the CTT should request something like 10 sec for the default.
this issue should be cloned to test cases - we need to generate test cases for cases where server return a 0 (if a 0 is provided) - in general test cases around this issue
this issue should also be clone to part 4 and ask for a clarification on - is it ok for a server to return a 0?

Sebastian Allmendinger

2025-08-01 16:01

developer   ~0023192

The default value (Setting: Server Test / Secure Channel / RequestedLifetime) has been updated to 30 seconds. It is still possible to request a lifetime of 0 by changing the value to 0 in the CTT settings.

The channel that was used for calling GetEndpoints didn't use the value of the setting, but always 0. This has been changed, so that is also uses the setting.

Issue History

Date Modified Username Field Change
2024-12-03 08:50 Juan Antonio Castillo New Issue
2025-07-17 16:00 Paul Hunkar Note Added: 0023135
2025-07-17 16:01 Paul Hunkar Assigned To => Sebastian Allmendinger
2025-07-17 16:01 Paul Hunkar Status new => assigned
2025-07-17 16:01 Paul Hunkar Issue cloned: 0010441
2025-07-17 16:01 Paul Hunkar Relationship added related to 0010441
2025-07-26 08:22 Sebastian Allmendinger Files Affected => /library/ServiceBased/SecureChannel/OpenSecureChannel.js
/default.ctt.xml
2025-07-26 08:25 Sebastian Allmendinger Project Compliance Test Tool (CTT) Unified Architecture => CTT UA Scripts
2025-07-26 08:26 Sebastian Allmendinger Category 2 - CTT Binary => 1 - Script Issue
2025-07-26 08:26 Sebastian Allmendinger Product Version 1.04.11-01.00.508 =>
2025-08-01 16:01 Sebastian Allmendinger Status assigned => resolved
2025-08-01 16:01 Sebastian Allmendinger Resolution open => fixed
2025-08-01 16:01 Sebastian Allmendinger Note Added: 0023192