Possibly wrong description in Security Certificate Validation test case 010|OPC Certification and Interoperability Testing|Forum|OPC Foundation

Avatar
Search
Forum Scope


Match



Forum Options



Minimum search word length is 3 characters - maximum search word length is 84 characters
Lost password?
sp_Feed sp_PrintTopic sp_TopicIcon
Possibly wrong description in Security Certificate Validation test case 010
Avatar
Phuong Nguyen
Member
Members
Forum Posts: 16
Member Since:
11/22/2018
sp_UserOfflineSmall Offline
1
10/11/2022 - 01:30
sp_Permalink sp_Print

Hi,

In CTT version 1.4.9.401 description of the test case 010 of Security Certificate Validation is as following:

"[...] Description: Attempt a secure channel and send a [untrusted] certificate which has an invalid signature, e.g. signed with wrong certificate.
Expectation: ServiceResult = BadSecurityChecksFailed [...]"

This test case makes use of a self-signed ctt_appTSincorrect certificate as client certificate.

However the certificate is actually present in trusted certificate list of the server PKI as it can be found in PKI\copyToServer\ApplicationInstance_PKI\trusted\certs. Therefore it is in fact a trusted certificate with invalid signature.

  • Could it be a mistake in the test case description?
  • The ctt_appTSincorrect certificate is a self-signed certificate and therefore it is also its own issuer. As the ctt_appTSincorrect certificate is trusted and hence its issuer is also trusted, isn't it?

BR,

Phuong

Avatar
Alexander Allmendinger
Germany
Moderator
Members

Moderators

Moderators-Specifications

Moderators-Companion

Moderators-Implementation

Moderators-Certification

Moderators-ProductsServices
Forum Posts: 67
Member Since:
07/11/2017
sp_UserOfflineSmall Offline
2
10/11/2022 - 07:02
sp_Permalink sp_Print

Hi Phuong,

this sound like an issue in the test case. Of course, the certificate needs to be in the trust list, otherwise the trust list check would probably already return the Bad_SecurityChecksFailed and the invalid signature would not be noticed by the application.

Could you please enter a Mantis Issue in our Bug Tracking system for the test cases unter mantis.opcfoundation.org in the CTT UA Test Cases project?

Regards,
Alexander Allmendinger

Avatar
Phuong Nguyen
Member
Members
Forum Posts: 16
Member Since:
11/22/2018
sp_UserOfflineSmall Offline
3
10/12/2022 - 00:32
sp_Permalink sp_Print

Hi Alexander,

yes, of course. I've created a bug ticket for this issue under ID 0008403.

Regards,

Phuong

Forum Timezone: America/Phoenix
Most Users Ever Online: 510
Currently Online: Hiren Thakkar, Terje Kvangardsnes, Dave Cowley
Guest(s) 32
Currently Browsing this Page:
1 Guest(s)
Top Posters:
Forum Stats:
Groups: 2
Forums: 10
Topics: 1434
Posts: 4854