• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Node-RED: OpcUa Client node
#1
Dear Armin,

If I take out the 'OpcUa Client' node and set its properties as attached png files and deploy it, the following error will occur.
I tried it with netPI RTE 3 system software version both 1.2.2.0 and 1.2.1.0.
If I use UaExpert on a PC side, this software tool can communicate with Siemens S7-1500 properly.

====================
OPC UA connection error: Command failed: "openssl" req -new -sha256  -text  -extensions v3_selfsigned  -config "/root/.config/node-opcua-default-nodejs/PKI/own/openssl.cnf.tmp" -key "/root/.config/node-opcua-default-nodejs/PKI/own/private/private_key.pem" -out "/root/.node-red/node_modules/node-opcua-client/certificates/client_selfsigned_cert_2048.pem.csr" -subj "/C=FR/L=Orleans/O=Sterfive/CN=NodeOPCUA-Client@NTB827EBB5D102"

Can't open /root/.node-red/node_modules/node-opcua-client/certificates/client_selfsigned_cert_2048.pem.csr for writing, No such file or directory

1996263440:error:02001002Confusedystem library:fopen:No such file or directory:../crypto/bio/bss_file.c:69:fopen('/root/.node-red/node_modules/node-opcua-client/certificates/client_selfsigned_cert_2048.pem.csr','w')

1996263440:error:2006D080:BIO routines:BIO_new_file:no such file:../crypto/bio/bss_file.c:76:
====================

Moreover, as NoderedContainer_1.png, I cannot map a volume when creating the Node-RED container.
I am afraid it is the reason for the error above.

Thank you very much for your advice.
Best regards,


Attached Files Thumbnail(s)
               
  Reply
#2
Hello Tad, one word in general about netPI security: some years ago I talked in a thread about the restriction of netPI Docker. netPI Docker is not standard because we disabled some functions because of security reasons . Here is the thread: https://forum.hilscher.com/thread-511.html. One of the restriction was that volume mapping is not possible with netPI Docker, else a container could easily map a host volume or drive into the container ... but this is what we do not want: no access to the Linux Host file system at all to make writing impossible. Also the Node-RED container README speaks about the netPI restrictions: https://hub.docker.com/r/hilschernetpi/netpi-nodered

As next I have to say is that Node-RED is a free and open source software. Even if we as Hilscher have build a Node-RED example container which you are using with several additional and useful Node-RED nodes installed like the OPC UA Client, we are not responsible for the proper function of the open source. Each of the nodes used has its own developer homepage on the internet where the developer explains how to use a node and how to get it to run. Also there are sometimes sessions where users are discussing problems. So it may be that your problem is also a problem of others, but I don't know because I don't know the OPC UA client node. I have just used it once. The official homepage of the OPC UA client node is located here: https://flows.nodered.org/node/node-red-contrib-opcua.

What I can say at this stage is that the problem your png files show has nothing to do with netPI Docker volume mapping procedure. For me it seems that the OPC UA client node tries to generate first of all a self signed certificate using the Linux command:
"openssl req -new -sha256  -text  -extensions v3_selfsigned  -config "/root/.config/node-opcua-default-nodejs/PKI/own/openssl.cnf.tmp" -key "/root/.config/node-opcua-default-nodejs/PKI/own/private/private_key.pem" -out "/root/.node-red/node_modules/node-opcua-client/certificates/client_selfsigned_cert_2048.pem.csr" -subj "/C=FR/L=Orleans/O=Sterfive/CN=NodeOPCUA-Client@NTB827EBB5D102"
but it failes since the certificate file cannot be created: "/root/.node-red/node_modules/node-opcua-client/certificates/client_selfsigned_cert_2048.pem.csr". It seems that the folder "/root/.node-red/node_modules/node-opcua-client/certificates/" in the container does not exists. So you can use the embedded console function of this container an look if the folder is present or not. And if not then create it and try it again.

Also you can see on the OPC UA client homepage that the latest version of the node is 0.2.222. So in Node-RED use the "manage palette" function in the top right main menu to update the OPC UA client node to the latest available version. Maybe this version works better ... anyway you have the latest version then.

Thx
Armin
You never fail until you stop trying.“, Albert Einstein (1879 - 1955)

  Reply
#3
Dear Armin,

Thank you very much for your information.
Finally, I execute the following commands from the Node-RED console, and then the OpcUc client node was able to communicate with a server in S7-1500 without any error.

===========
root@NTB827EBB5D102:~/.node-red/node_modules/node-opcua-client# mkdir certificates
root@NTB827EBB5D102:~/.config/node-opcua-default-nodejs/PKI/own/private# cp private_key.pem /root/.node-red/node_modules/node-opcua-client/certificates/client_selfsigned_cert_2048.pem.csr
root@NTB827EBB5D102:~/.node-red/node_modules/node-opcua-client/certificates# mkdir PKI && cd PKI
root@NTB827EBB5D102:~/.node-red/node_modules/node-opcua-client/certificates/PKI# mkdir own && cd own
root@NTB827EBB5D102:~/.node-red/node_modules/node-opcua-client/certificates/PKI/own# mkdir private && cd private
root@NTB827EBB5D102:~/.node-red/node_modules/node-opcua-client/certificates/PKI/own/private# cp /root/.config/node-opcua-default-nodejs/PKI/own/private/private_key.pem .
===========

And, I couldn't update the OpcUa Client node to the newest version 0.2.222 or delete the node.
After the restart of netPI, version 0.2.64 is always active.

I hope 'hilschernetpi/netpi-nodered' always includes nodes which are working properly.
Best regards,
  Reply
#4
Hello Tad, thank you for letting us know how to get it running.

I tried to update the OPC UA Node-RED package myself on my netPI wqith the same container. It works fine. 

But it takes a long long time to get it installed maybe you did not wait long enough

Before:

   

During installation:

   

Then I restarted the container and then I got this:

   

Try it again yourself. By this method you can keep ALL nodes up to date yourself always.

To keep the Node-RED container up to date always to latest version is very difficult. Since the container includes many Node-RED nodes they will be changed by the developers nearly daily ... so in the end this would mean to the Node-RED container that it needs to be build also daily to keep it up to date. This is not possible because this is too time consuming. A good compromise is to keep it updated every 6 month maybe

Thx
Armin
You never fail until you stop trying.“, Albert Einstein (1879 - 1955)

  Reply
#5
Dear Armin,

I re-deployed a Node-RED container from the beginning.
And then, after pressing the update button, I did nothing until the message "Node-RED must be restarted to enable upgraded modules" was displayed.
Then, the version was updated to 0.2.222 as you explained!

Then, OpcUa-Client node doesn't give any error and my Node-RED flows works fine without executing anything on the console.

Thank you very much for your support.
Best regards,
  Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Node Red configuration LucioFiam 3 1,605 November-30th-2022, 05:14 PM
Last Post: Armin@netPI
  secure node-red with a username and password Christian_Rau 3 2,804 December-3rd-2021, 11:06 AM
Last Post: Armin@netPI
  cifx0 and Node-Red fabio1975 5 3,055 November-22nd-2021, 01:13 PM
Last Post: Armin@netPI
  Node red web UI issue DSongra 3 3,119 July-22nd-2021, 02:47 PM
Last Post: Armin@netPI
  Node-RED 'projects' possible on netPI? JG_KIT 2 2,283 July-20th-2021, 01:11 PM
Last Post: JG_KIT
  Accessing a modbus device connected to RTE port from Node-RED tad 10 7,822 October-2nd-2020, 07:21 AM
Last Post: Armin@netPI
  5 x NL 50-Mpi and Node Red like colector data? Jotarod 4 3,849 September-14th-2020, 01:59 PM
Last Post: Armin@netPI
  Node-Red "http in"-Node not working DWxPro 8 7,401 June-19th-2020, 01:12 AM
Last Post: DWxPro
  using node.js on NIOT-E-TP151-EN-RE COswald 9 9,952 May-20th-2020, 12:54 PM
Last Post: Armin@netPI
  Error when using a node 'OpcUaServer' tad 6 4,997 May-12th-2020, 08:35 AM
Last Post: tad

Forum Jump:


Users browsing this thread: 2 Guest(s)