Is BypassCertVerification required in Simulation with VS Code / iotedgehubdev #1922

Closed
bqstony opened this issue Dec 8, 2022 · 1 comment
Labels
documentation Issue in the documentation

bqstony commented Dec 8, 2022

I am wondering: is it really required to set the ENV BypassCertVerification=true when I want to run the OPC Publisher with the simulation in Visual Studio?

Here are my manifest settings for the simulation:

"MyOpcPublisher": {
            "version": "1.0",
            "type": "docker",
            "status": "running",
            "restartPolicy": "always",
            "startupOrder": 50,
            "env": {
              "ApplicationName": {
                "value": "sl123.my-org.com"
              },
              "ApplicationCertificateSubjectName": {
                "value": "CN = sl123.my-org.com"
              },
              "MessagingMode": {
                "value": "PubSub"
              },
              "AutoAcceptUntrustedCertificates": {
                "value": true
              },
              "PublishedNodesFile": {
                "value": "/srv/my-publishednodes.jsonc"
              },
              "PublishedNodesSchemaFile": {
                "value": "/app/Schemas/publishednodesschema.json"
              },
              "RejectUnknownRevocationStatus": {
                "value": false
              },
              "DefaultSamplingInterval": {
                "value": "00:00:00.500"
              },
              "DefaultPublishingInterval": {
                "value": "00:00:01"
              },
              "DefaultHeartbeatInterval": {
                "value": "01:00:00"
              },
              "DefaultQueueSize": {
                "value": 3
              },
              "BatchSize": {
                "value": 100
              },
              "BatchTriggerInterval": {
                "value": "00:00:01"
              },
              "loglevel": {
                "value": "Debug"
              },
              "RuntimeLogLevel": {
                "value": "Debug"
              },
              "UpstreamProtocol": {
                "value": "Amqp"
              },
              "Transport": {
                "value": "Amqp"
              },
              "BypassCertVerification": {
                "value": true
              }
            },
            "settings": {
              "image": "${MODULES.MyOpcPublisher}",  // I have my own Dockerfile where I pack the config files etc...
              "createOptions": {
                "HostConfig": {
                  "Memory": 268435456,
                  "MemorySwap": 268435456,
                  "CapDrop": [
                    "CHOWN",
                    "SETUID"
                  ],
                  "Binds": []
                }
              }
            }
          },

When I set ENV BypassCertVerification=false, the following error happens:

[2022-12-08 09:39:47.945 INF Microsoft.Azure.IIoT.Module.Framework.Client.IoTSdkFactory] Added Cert: /mnt/edgemodule/edge-device-ca.cert.pem
[2022-12-08 09:39:47.966 INF Microsoft.Azure.IIoT.Module.Framework.Client.IoTSdkFactory] Connecting all clients to mynotebook.noser.com using AmqpOverTcp.
[2022-12-08 09:39:47.987 INF Microsoft.Azure.IIoT.OpcUa.Edge.Publisher.Engine.StandaloneJobOrchestrator] File /srv/my-publishednodes.jsonc has changed, last known hash , new hash 25BF8270EF6A9274DD41407D736456B0A83957744FCA94055C46912FBCA99FDF, reloading...
[2022-12-08 09:39:48.245 INF Microsoft.Azure.IIoT.OpcUa.Edge.Publisher.Models.PublishedNodesJobConverter] Read 1 entry models from published nodes file in 00:00:00.2571342
[2022-12-08 09:39:48.315 INF Microsoft.Azure.IIoT.OpcUa.Edge.Publisher.Models.PublishedNodesJobConverter] Total count of OpcNodes after job conversion: 7
[2022-12-08 09:39:48.315 INF Microsoft.Azure.IIoT.OpcUa.Edge.Publisher.Models.PublishedNodesJobConverter] Converted published nodes entry models to jobs in 00:00:00.0627137
[2022-12-08 09:39:48.328 INF Microsoft.Azure.IIoT.OpcUa.Edge.Publisher.Engine.StandaloneJobOrchestrator] Job opc.tcp://myOpcPlcSimulator:48040_72C86F91_AssetmyEventsAlarm loaded with dataSetGroup AssetmyEventsAlarm with dataSetWriters DataFlowEventsAlarm
[2022-12-08 09:39:48.411 INF Root] Starting module OpcPublisher version 2.8.4.8.
[2022-12-08 09:39:48.411 INF Root] Initiating prometheus at port 9702/metrics
[2022-12-08 09:39:48.422 INF Root] Prometheus metric server started.
[2022-12-08 09:39:48.428 INF Microsoft.Azure.IIoT.Http.HealthChecks.HealthCheckManager] Health checks started.
[2022-12-08 09:39:48.436 INF Microsoft.Azure.IIoT.Module.Framework.Client.IoTSdkFactory] Running outside iotedge context.
[2022-12-08 09:39:48.662 INF Microsoft.Azure.IIoT.Module.Framework.Client.IoTSdkFactory] 0: Module iot-develop-mynotebook-my_myOpcPublisher disconnected due to Communication_Error - now Disconnected...
[2022-12-08 09:39:48.669 ERR Microsoft.Azure.IIoT.Module.Framework.Hosting.ModuleHost] Module Host failed to start.
[2022-12-08 09:39:48.670 ERR Root] Error during module execution - restarting!
System.AggregateException: One or more errors occurred. (TLS authentication error.)
 ---> System.Security.Authentication.AuthenticationException: TLS authentication error.
 ---> System.Security.Authentication.AuthenticationException: The remote certificate was rejected by the provided RemoteCertificateValidationCallback.
   at System.Net.Security.SslStream.SendAuthResetSignal(ProtocolToken message, ExceptionDispatchInfo exception)
   at System.Net.Security.SslStream.CompleteHandshake(SslAuthenticationOptions sslAuthenticationOptions)
   at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](TIOAdapter adapter, Boolean receiveFirst, Byte[] reAuthenticationData, Boolean isApm)
   at System.Threading.Tasks.TaskToApm.End(IAsyncResult asyncResult)
   at System.Net.Security.SslStream.EndAuthenticateAsClient(IAsyncResult asyncResult)
   at Microsoft.Azure.Amqp.Transport.TlsTransport.HandleOpenComplete(IAsyncResult result, Boolean syncComplete)
--- End of stack trace from previous location ---
   at Microsoft.Azure.Amqp.ExceptionDispatcher.Throw(Exception exception)
   at Microsoft.Azure.Amqp.AsyncResult.End[TAsyncResult](IAsyncResult result)
   at Microsoft.Azure.Amqp.AmqpObject.OpenAsyncResult.End(IAsyncResult result)
   at Microsoft.Azure.Amqp.AmqpObject.EndOpen(IAsyncResult result)
   at Microsoft.Azure.Amqp.Transport.TlsTransportInitiator.HandleTransportOpened(IAsyncResult result)
   at Microsoft.Azure.Amqp.Transport.TlsTransportInitiator.OnTransportOpened(IAsyncResult result)
--- End of stack trace from previous location ---
   at Microsoft.Azure.Amqp.ExceptionDispatcher.Throw(Exception exception)
   at Microsoft.Azure.Amqp.AsyncResult.End[TAsyncResult](IAsyncResult result)
   at Microsoft.Azure.Amqp.Transport.AmqpTransportInitiator.ConnectAsyncResult.End(IAsyncResult result)
   at Microsoft.Azure.Amqp.Transport.AmqpTransportInitiator.<>c.<ConnectAsync>b__17_1(IAsyncResult r)
   at System.Threading.Tasks.TaskFactory`1.FromAsyncCoreLogic(IAsyncResult iar, Func`2 endFunction, Action`1 endAction, Task`1 promise, Boolean requiresSynchronization)
--- End of stack trace from previous location ---
   at Microsoft.Azure.Devices.Client.Transport.AmqpIot.AmqpIotTransport.InitializeAsync(CancellationToken cancellationToken)
   at Microsoft.Azure.Devices.Client.Transport.Amqp.AmqpIotConnector.OpenConnectionAsync(CancellationToken cancellationToken)
   at Microsoft.Azure.Devices.Client.Transport.Amqp.AmqpConnectionHolder.EnsureConnectionAsync(CancellationToken cancellationToken)
   at Microsoft.Azure.Devices.Client.Transport.Amqp.AmqpConnectionHolder.OpenSessionAsync(IDeviceIdentity deviceIdentity, CancellationToken cancellationToken)
   at Microsoft.Azure.Devices.Client.Transport.AmqpIot.AmqpUnit.EnsureSessionIsOpenAsync(CancellationToken cancellationToken)
   at Microsoft.Azure.Devices.Client.Transport.AmqpIot.AmqpUnit.OpenAsync(CancellationToken cancellationToken)
   at Microsoft.Azure.Devices.Client.Transport.Amqp.AmqpTransportHandler.OpenAsync(CancellationToken cancellationToken)
   at Microsoft.Azure.Devices.Client.Transport.ProtocolRoutingDelegatingHandler.OpenAsync(CancellationToken cancellationToken)
   at Microsoft.Azure.Devices.Client.Transport.ErrorDelegatingHandler.<>c__DisplayClass27_0.<<ExecuteWithErrorHandlingAsync>b__0>d.MoveNext()
--- End of stack trace from previous location ---
   at Microsoft.Azure.Devices.Client.Transport.ErrorDelegatingHandler.ExecuteWithErrorHandlingAsync[T](Func`1 asyncOperation)
   --- End of inner exception stack trace ---
   at Microsoft.Azure.Devices.Client.Transport.ErrorDelegatingHandler.ExecuteWithErrorHandlingAsync[T](Func`1 asyncOperation)
   at Microsoft.Azure.Devices.Client.Transport.RetryDelegatingHandler.<>c__DisplayClass39_0.<<OpenInternalAsync>b__0>d.MoveNext()
--- End of stack trace from previous location ---
   at Microsoft.Azure.Devices.Client.TransientFaultHandling.RetryPolicy.<>c__DisplayClass34_0.<<RunWithRetryAsync>b__0>d.MoveNext()
--- End of stack trace from previous location ---
   at Microsoft.Azure.Devices.Client.TransientFaultHandling.RetryPolicy.RunWithRetryAsync[T](Func`1 taskFunc, ShouldRetry shouldRetry, Func`2 isTransient, Action`3 onRetrying, Boolean fastFirstRetry, CancellationToken cancellationToken)
   at Microsoft.Azure.Devices.Client.TransientFaultHandling.RetryPolicy.RunWithRetryAsync(Func`1 taskFunc, ShouldRetry shouldRetry, Func`2 isTransient, Action`3 onRetrying, Boolean fastFirstRetry, CancellationToken cancellationToken)
   at Microsoft.Azure.Devices.Client.Transport.RetryDelegatingHandler.OpenInternalAsync(Boolean withRetry, CancellationToken cancellationToken)
   at Microsoft.Azure.Devices.Client.Transport.RetryDelegatingHandler.EnsureOpenedAsync(Boolean withRetry, CancellationToken cancellationToken)
   at Microsoft.Azure.Devices.Client.InternalClient.OpenAsync()
   at Microsoft.Azure.IIoT.Module.Framework.Client.IoTSdkFactory.ModuleClientAdapter.CreateAsync(String product, IotHubConnectionStringBuilder cs, String deviceId, String moduleId, ITransportSettings transportSetting, TimeSpan timeout, IRetryPolicy retry, Action onConnectionLost, ILogger logger) in D:\a\1\s\common\src\Microsoft.Azure.IIoT.Hub.Module.Client\src\Default\IoTSdkFactory.cs:line 279
   at Microsoft.Azure.IIoT.Utils.Try.Options[T](Func`1[] options)
   --- End of inner exception stack trace ---
   at Microsoft.Azure.IIoT.Utils.Try.Options[T](Func`1[] options) in D:\a\1\s\common\src\Microsoft.Azure.IIoT.Core\src\Utils\Try.cs:line 108
   at Microsoft.Azure.IIoT.Module.Framework.Client.IoTSdkFactory.CreateAsync(String product, IProcessControl ctrl) in D:\a\1\s\common\src\Microsoft.Azure.IIoT.Hub.Module.Client\src\Default\IoTSdkFactory.cs:line 193
   at Microsoft.Azure.IIoT.Module.Framework.Hosting.ModuleHost.StartAsync(String type, String siteId, String productInfo, String version, IProcessControl reset) in D:\a\1\s\common\src\Microsoft.Azure.IIoT.Hub.Module.Framework\src\Hosting\ModuleHost.cs:line 118
   at Microsoft.Azure.IIoT.Modules.OpcUa.Publisher.ModuleProcess.RunAsync() in D:\a\1\s\modules\src\Microsoft.Azure.IIoT.Modules.OpcUa.Publisher\src\ModuleProcess.cs:line 121
[2022-12-08 09:39:48.697 INF Microsoft.Azure.IIoT.Agent.Framework.Agent.WorkerSupervisor] Stopping worker supervisor
[2022-12-08 09:39:48.698 INF Microsoft.Azure.IIoT.Agent.Framework.Agent.WorkerSupervisor] Worker supervisor successfully stopped
[2022-12-08 09:39:48.700 INF Microsoft.Azure.IIoT.Http.HealthChecks.HealthCheckManager] Health checks stopped.
[2022-12-08 09:39:48.703 INF Root] Stopped prometheus metric server
[2022-12-08 09:39:48.704 INF Root] Module stopped.

I am also wondering about the log message: [2022-12-08 09:39:48.436 INF Microsoft.Azure.IIoT.Module.Framework.Client.IoTSdkFactory] Running outside iotedge context.

@marcschier added the documentation and Publisher labels on Dec 12, 2022
@marcschier added this to the Future milestone on Jan 17, 2023
@marcschier modified the milestones: Future, 2.9.0, 2.9.0 Preview 4 on Jun 22, 2023
@marcschier

Fixed in preview 4. Bypass not required anymore.
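
An added example, not part of the issue thread or the OPC Publisher project: a small audit that reads the modules section of a deployment manifest (tolerating `//` comments like the one in the manifest above) and reports settings left at a certificate-relaxing value. Which value counts as relaxed is inferred from the setting names and is an assumption of this example; `SAMPLE` and its `EndpointUrl` key are constructed.

```python
import json
import re

# Settings from the manifest above whose names indicate relaxed certificate
# checking, with the value treated as relaxed (an assumption of this example).
RELAXED = {
    "BypassCertVerification": True,
    "AutoAcceptUntrustedCertificates": True,
    "RejectUnknownRevocationStatus": False,
}

# Matches a JSON string (kept) or a // comment outside a string (dropped).
_STRING_OR_COMMENT = re.compile(r'("(?:\\.|[^"\\])*")|//[^\n]*')

def strip_line_comments(text):
    """Remove // comments such as the one on the "image" line above."""
    return _STRING_OR_COMMENT.sub(lambda m: m.group(1) or "", text)

def audit_modules(manifest_text):
    """Return sorted (module, setting) pairs that hold a relaxed value."""
    modules = json.loads(strip_line_comments(manifest_text))
    findings = []
    for name, module in modules.items():
        env = module.get("env", {})
        for key, relaxed in RELAXED.items():
            # Env values appear as JSON booleans or as strings like "true".
            value = str(env.get(key, {}).get("value", "")).strip().lower()
            if value == str(relaxed).lower():
                findings.append((name, key))
    return sorted(findings)

# Constructed sample: a trimmed "modules" object shaped like the one above.
SAMPLE = """{
  "MyOpcPublisher": {
    "env": {
      "AutoAcceptUntrustedCertificates": { "value": true },
      "RejectUnknownRevocationStatus": { "value": "False" },
      "BypassCertVerification": { "value": false }
    },
    "settings": { "image": "${MODULES.MyOpcPublisher}" }  // own Dockerfile
  },
  "myOpcPlcSimulator": {
    "env": { "EndpointUrl": { "value": "opc.tcp://myOpcPlcSimulator:48040" } }
  }
}"""

if __name__ == "__main__":
    for module, setting in audit_modules(SAMPLE):
        print(f"{module}: {setting} relaxes certificate checking")
```

Running this over the simulation manifest and the production manifest separately shows whether a setting enabled for local debugging has been carried into a real deployment.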
