Matrikon OPC Automation Forum
»
Matrikon Developers Forum
»
Matrikon Flex UA SDK
»
OPC UA Flex Client SDK ver 4.00 with CA Signed Application Certificate instead of self signed?
Rank: Member
Joined: 9/23/2015(UTC)
Posts: 29
Was thanked: 6 time(s) in 5 post(s)
|
Is there a way to use signed application certificate for client?
If I try to substitute default self-signed certificate with same certificate but signed by my CA it won't pass validation.
There is another thing I've tried, I've created my own V3 certificate and signed it, same story it didn't pass validation.
It worked well with ver 2 of UA client SDK.
|
 1 user thanked dima_t for this useful post.
|
|
|
|
Rank: Advanced Member
Joined: 3/23/2017(UTC)
Posts: 30
Thanks: 1 times
Was thanked: 15 time(s) in 15 post(s)
|
Hi Dima,
Thanks for reaching out to us.
Can you please provide more details about the problem.
What error are you receiving while validation. Are the certificates moving to Rejected folder. If yes, can you please move them manually to Trusted folder.
Regards,
Shubhi Gogna
|
1 user thanked Shubhi Gogna for this useful post.
|
|
|
|
Rank: Member
Joined: 9/23/2015(UTC)
Posts: 29
Was thanked: 6 time(s) in 5 post(s)
|
You are right, it goes to rejected folder, and I have to move them manually one directory up.
What I want to achieve is to sign client application certificate myself (the one which client will generate on its own if it is missing) so I don't have to move them manually (on the server), due to lack of access to servers and I wish to use CA to authorize clients by signing client application certificates.
I was able to do that in version 2 of client SDK (I mean to substitute client application certificate with signed one).
As soon as I sign client application certificate myself it won't pass validation inside the client and client throws me OpcUa_BadInternalError 0x80020000 on initialization.
No issues with user certificate though, I can sign that one and server successfully validates it without moving anything to rejected directory because it is signed and server knows about CA.
I hope this makes sense.
|
1 user thanked dima_t for this useful post.
|
|
|
|
Rank: Advanced Member
Joined: 3/23/2017(UTC)
Posts: 30
Thanks: 1 times
Was thanked: 15 time(s) in 15 post(s)
|
Hi Dima,
Sorry for my delayed response.
I will test it at my side and get back to you with my findings.
Regards,
Shubhi Gogna
|
1 user thanked Shubhi Gogna for this useful post.
|
|
|
|
Rank: Advanced Member
Joined: 3/23/2017(UTC)
Posts: 30
Thanks: 1 times
Was thanked: 15 time(s) in 15 post(s)
|
Hi Dima,
We analyzed it further and found it is a issue at our end. We will fixing it.
Thanks for reporting this issue.
Regards,
Shubhi Gogna
|
1 user thanked Shubhi Gogna for this useful post.
|
|
|
|
Rank: Member
Joined: 9/23/2015(UTC)
Posts: 29
Was thanked: 6 time(s) in 5 post(s)
|
|
2 users thanked dima_t for this useful post.
|
|
|
|
Matrikon OPC Automation Forum
»
Matrikon Developers Forum
»
Matrikon Flex UA SDK
»
OPC UA Flex Client SDK ver 4.00 with CA Signed Application Certificate instead of self signed?
Forum Jump
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.
