1 files changed, 7 insertions, 2 deletions

diff --git a/src/common.c b/src/common.c
index f8b08a1..3e54ca9 100644
--- a/src/common.c
+++ b/src/common.c
@@ -328,7 +328,7 @@ printEndpoint (const UA_EndpointDescription *endpoint, size_t index)
     }
 
   UA_LOG_INFO (UA_Log_Stdout, UA_LOGCATEGORY_APPLICATION,
-               "  [%4lu] %.*s | Level: %2d | %-14s | %.*s",
+               "  [%4lu] %.*s | Level: %3d | %-14s | %.*s",
                (unsigned long)index, (int)endpoint->endpointUrl.length,
                endpoint->endpointUrl.data, endpoint->securityLevel, mode,
                (int)policyLen, policy);
@@ -363,10 +363,15 @@ createServer (UA_UInt16 port, const char *applicationUri, const char *certPath,
       /* Also offer SecurityPolicy#None, but restricted to discovery
          services (FindServers, GetEndpoints) so that unencrypted clients
          can still discover the server without being able to open a
-         full session. */
+         full session.  We must add both the security *policy* (so the
+         server accepts None SecureChannels) and the *endpoint* (so the
+         None endpoint appears in GetEndpoints responses — required by
+         the open62541 client's internal endpoint negotiation). */
       if (*retval == UA_STATUSCODE_GOOD)
         {
           UA_ServerConfig_addSecurityPolicyNone (config, &certificate);
+          UA_ServerConfig_addEndpoint (config, UA_SECURITY_POLICY_NONE_URI,
+                                       UA_MESSAGESECURITYMODE_NONE);
           config->securityPolicyNoneDiscoveryOnly = true;
         }