OPC Studio User's Guide and Reference
CheckEndpointDomain Property (UAClientSessionParameters)
Example 



OpcLabs.EasyOpcUA Assembly > OpcLabs.EasyOpc.UA.Engine Namespace > UAClientSessionParameters Class : CheckEndpointDomain Property
Check that the host name in the endpoint URL matches with the domain names in the server certificate.
Syntax
'Declaration
 
Public Property CheckEndpointDomain As Boolean
'Usage
 
Dim instance As UAClientSessionParameters
Dim value As Boolean
 
instance.CheckEndpointDomain = value
 
value = instance.CheckEndpointDomain
public bool CheckEndpointDomain {get; set;}
public:
property bool CheckEndpointDomain {
   bool get();
   void set (    bool value);
}

Property Value

The default value of this property is False.

Remarks

In order to obtain or modify this parameter, in the default state (when OpcLabs.EasyOpc.UA.EasyUAClientCore.Isolated equals to false), access UAClientAdaptableParameters.SessionParameters property of static OpcLabs.EasyOpc.UA.EasyUAClientCore.AdaptableParameters. If you have set OpcLabs.EasyOpc.UA.EasyUAClientCore.Isolated to true, you need to access UAClientAdaptableParameters.SessionParameters property of OpcLabs.EasyOpc.UA.EasyUAClientCore.IsolatedParameters.

The getter method of this property is pure, i.e. it does not have observable side effects.

This method or property does not throw any exceptions, aside from execution exceptions such as System.Threading.ThreadAbortException or System.OutOfMemoryException.

Example
// This example shows how in a console application, the user is asked to allow a server instance certificate with
// mismatched domain name.
//
// Find all latest examples here: https://opclabs.doc-that.com/files/onlinedocs/OPCLabs-OpcStudio/Latest/examples.html .
// OPC client and subscriber examples in C# on GitHub: https://github.com/OPCLabs/Examples-QuickOPC-CSharp .
// Missing some example? Ask us for it on our Online Forums, https://www.opclabs.com/forum/index ! You do not have to own
// a commercial license in order to use Online Forums, and we reply to every post.

using System;
using OpcLabs.EasyOpc.UA;
using OpcLabs.EasyOpc.UA.OperationModel;

namespace UADocExamples.Interaction
{
    class AllowEndpointDomain
    {
        public static void Main1()
        {
            // Define which server we will work with.
            // Note that extra '.' at the end of the domain name. For the purpose of this example, it allows us to address
            // the same domain, but cause a mismatch with what the names that are listed in the server instance certificate.
            UAEndpointDescriptor endpointDescriptor = "opc.tcp://opcua.demo-this.com.:51210/UA/SampleServer";
            
            // Instantiate the client object.
            var client = new EasyUAClient()
            {
                // Enforce the endpoint domain check.
                Isolated = true,
                IsolatedParameters = {SessionParameters = {CheckEndpointDomain = true}}
            };

            UAAttributeData attributeData;
            try
            {
                // Obtain attribute data.
                // The component automatically triggers the necessary user interaction during the first operation.
                attributeData = client.Read(endpointDescriptor, "nsu=http://test.org/UA/Data/ ;i=10853");
            }
            catch (UAException uaException)
            {
                Console.WriteLine("*** Failure: {0}", uaException.GetBaseException().Message);
                return;
            }

            // Display results.
            Console.WriteLine("Value: {0}", attributeData.Value);
            Console.WriteLine("ServerTimestamp: {0}", attributeData.ServerTimestamp);
            Console.WriteLine("SourceTimestamp: {0}", attributeData.SourceTimestamp);
            Console.WriteLine("StatusCode: {0}", attributeData.StatusCode);
        }
    }
}
' This example shows how in a console application, the user is asked to allow a server instance certificate with
' mismatched domain name.
'
' Find all latest examples here: https://opclabs.doc-that.com/files/onlinedocs/OPCLabs-OpcStudio/Latest/examples.html .
' OPC client and subscriber examples in VB.NET on GitHub: https://github.com/OPCLabs/Examples-QuickOPC-VBNET .
' Missing some example? Ask us for it on our Online Forums, https://www.opclabs.com/forum/index ! You do not have to own
' a commercial license in order to use Online Forums, and we reply to every post.

Imports OpcLabs.EasyOpc.UA
Imports OpcLabs.EasyOpc.UA.OperationModel
Imports OpcLabs.EasyOpc.UA.Engine

Namespace Interaction
    Friend Class AllowEndpointDomain
        Public Shared Sub Main1()

            ' Define which server we will work with.
            ' Note that extra '.' at the end of the domain name. For the purpose of this example, it allows us to address
            ' the same domain, but cause a mismatch with what the names that are listed in the server instance certificate.
            Dim endpointDescriptor As UAEndpointDescriptor = "opc.tcp://opcua.demo-this.com.:51210/UA/SampleServer"

            ' Instantiate the client object.
            Dim client = New EasyUAClient() With
            {
                .Isolated = True,
                .IsolatedParameters = New EasyUAClientAdaptableParameters() With
                {
                    .SessionParameters = New UASmartClientSessionParameters() With
                    {
                        .CheckEndpointDomain = True
                    }
                }
            }

            Dim attributeData As UAAttributeData
            Try
                ' Obtain attribute data.
                ' The component automatically triggers the necessary user interaction during the first operation.
                attributeData = client.Read(endpointDescriptor, "nsu=http://test.org/UA/Data/ ;i=10853")
            Catch uaException As UAException
                Console.WriteLine("*** Failure: {0}", uaException.GetBaseException.Message)
                Exit Sub
            End Try

            ' Display results.
            Console.WriteLine("Value: {0}", attributeData.Value)
            Console.WriteLine("ServerTimestamp: {0}", attributeData.ServerTimestamp)
            Console.WriteLine("SourceTimestamp: {0}", attributeData.SourceTimestamp)
            Console.WriteLine("StatusCode: {0}", attributeData.StatusCode)
        End Sub
    End Class
End Namespace
// This example shows how in a console application, the user is asked to allow a server instance certificate with
// mismatched domain name.
//
// Find all latest examples here: https://opclabs.doc-that.com/files/onlinedocs/OPCLabs-OpcStudio/Latest/examples.html .
// OPC client and subscriber examples in Object Pascal (Delphi) on GitHub: https://github.com/OPCLabs/Examples-QuickOPC-OP .
// Missing some example? Ask us for it on our Online Forums, https://www.opclabs.com/forum/index ! You do not have to own
// a commercial license in order to use Online Forums, and we reply to every post.

class procedure AllowEndpointDomain.Main;
var
  AttributeData: _UAAttributeData;
  Client: _EasyUAClient;
  EndpointDescriptor: string;
begin
  // Define which server we will work with.
  // Note that extra '.' at the end of the domain name. For the purpose of this example, it allows us to address
  // the same domain, but cause a mismatch with what the names that are listed in the server instance certificate.
  EndpointDescriptor := 'opc.tcp://opcua.demo-this.com.:51210/UA/SampleServer';

  // Instantiate the client object.
  Client := CoEasyUAClient.Create;
  // Enforce the endpoint domain check.
  Client.Isolated := true;
  Client.IsolatedParameters.SessionParameters.CheckEndpointDomain := true;

  try
    // Obtain attribute data.
    // The component automatically triggers the necessary user interaction during the first operation.
    AttributeData := Client.Read(EndpointDescriptor, 'nsu=http://test.org/UA/Data/ ;i=10853');
  except
    on E: EOleException do
    begin
      WriteLn(Format('*** Failure: %s', [E.GetBaseException.Message]));
      Exit;
    end;
  end;

  // Display results.
  WriteLn('Value: ', AttributeData.Value);
  WriteLn('ServerTimestamp: ', DateTimeToStr(AttributeData.ServerTimestamp));
  WriteLn('SourceTimestamp: ', DateTimeToStr(AttributeData.SourceTimestamp));
  WriteLn('StatusCode: ', AttributeData.StatusCode.ToString);
end;
Rem This example shows how in a console application, the user is asked to allow a server instance certificate with
Rem mismatched domain name.
Rem
Rem Find all latest examples here: https://opclabs.doc-that.com/files/onlinedocs/OPCLabs-OpcStudio/Latest/examples.html .
Rem OPC client and subscriber examples in VBScript on GitHub: https://github.com/OPCLabs/Examples-QuickOPC-VBScript .
Rem Missing some example? Ask us for it on our Online Forums, https://www.opclabs.com/forum/index ! You do not have to own
Rem a commercial license in order to use Online Forums, and we reply to every post.

Option Explicit

' Define which server we will work with.
' Note that extra '.' at the end of the domain name. For the purpose of this example, it allows us to address
' the same domain, but cause a mismatch with what the names that are listed in the server instance certificate.
Dim endpointDescriptor: endpointDescriptor = "opc.tcp://opcua.demo-this.com.:51210/UA/SampleServer"

' Instantiate the client object.
Dim Client: Set Client = CreateObject("OpcLabs.EasyOpc.UA.EasyUAClient")
' Enforce the endpoint domain check.
Client.Isolated = True
Client.IsolatedParameters.SessionParameters.CheckEndpointDomain = True

' Obtain attribute data.
' The component automatically triggers the necessary user interaction during the first operation.
On Error Resume Next
Dim AttributeData: Set AttributeData = Client.Read(endpointDescriptor, "nsu=http://test.org/UA/Data/ ;i=10853")
If Err.Number <> 0 Then
    WScript.Echo "*** Failure: " & Err.Source & ": " & Err.Description
    WScript.Quit
End If
On Error Goto 0

' Display results
WScript.Echo "Value: " & AttributeData.Value
WScript.Echo "ServerTimestamp: " & AttributeData.ServerTimestamp
WScript.Echo "SourceTimestamp: " & AttributeData.SourceTimestamp
WScript.Echo "StatusCode: " & AttributeData.StatusCode

' Example output:
'
'OPC-UA Endpoint Domain Mismatch
'The effective host name in endpoint URL returned by the server does not match any of the domain names in the server certificate.
'Endpoint URL as returned by the server: opc.tcp://opcua.demo-this.com.:51210/UA/SampleServer
'The server certificate is for following domain names or IP addresses: opcua.demo-this.com
'This may be an indication of a spoofing attempt. Do you want to allow the endpoint anyway? [Y/n]: Y
'Value: -1.285897E+14
'ServerTimestamp: 11/28/2019 1:34:23 PM
'SourceTimestamp: 11/28/2019 1:34:23 PM
'StatusCode: Good
# This example shows how in a console application, the user is asked to allow a server instance certificate with
# mismatched domain name.
#
# Find all latest examples here: https://opclabs.doc-that.com/files/onlinedocs/OPCLabs-OpcStudio/Latest/examples.html .
# OPC client and subscriber examples in Python on GitHub: https://github.com/OPCLabs/Examples-QuickOPC-Python .
# Missing some example? Ask us for it on our Online Forums, https://www.opclabs.com/forum/index ! You do not have to own
# a commercial license in order to use Online Forums, and we reply to every post.
# The QuickOPC package is needed. Install it using "pip install opclabs_quickopc".
import opclabs_quickopc

# Import .NET namespaces.
from OpcLabs.EasyOpc.UA import *
from OpcLabs.EasyOpc.UA.OperationModel import *


# Define which server we will work with.
# Note that extra '.' at the end of the domain name. For the purpose of this example, it allows us to address
# the same domain, but cause a mismatch with what the names that are listed in the server instance certificate.
endpointDescriptor = UAEndpointDescriptor('opc.tcp://opcua.demo-this.com.:51210/UA/SampleServer')

# Instantiate the client object.
client = EasyUAClient()
# Enforce the endpoint domain check.
client.Isolated = True
client.IsolatedParameters.SessionParameters.CheckEndpointDomain = True

try:
    # Obtain attribute data.
    # The component automatically triggers the necessary user interaction during the first operation.
    attributeData = IEasyUAClientExtension.Read(client,
                                                endpointDescriptor,
                                                UANodeDescriptor('nsu=http://test.org/UA/Data/ ;i=10853'))
except UAException as uaException:
    print('*** Failure: ' + uaException.GetBaseException().Message)
    exit()

# Display results.
print('Value: ', attributeData.Value)
print('ServerTimestamp: ', attributeData.ServerTimestamp)
print('SourceTimestamp: ', attributeData.SourceTimestamp)
print('StatusCode: ', attributeData.StatusCode)

print()
print('Finished.')
Requirements

Target Platforms: .NET Framework: Windows 10 (selected versions), Windows 11 (selected versions), Windows Server 2016, Windows Server 2022; .NET: Linux, macOS, Microsoft Windows

See Also