Allowing AutoAcceptUntrustedCertificates unless at least one client certificate is trusted.|OPC UA Implementation: Stacks, Tools, and Samples|Forum|OPC Foundation

Avatar
Search
Forum Scope


Match



Forum Options



Minimum search word length is 3 characters - maximum search word length is 84 characters
Lost password?
sp_Feed sp_PrintTopic sp_TopicIcon
Allowing AutoAcceptUntrustedCertificates unless at least one client certificate is trusted.
Avatar
Joseph Amato
New Member
Members
Forum Posts: 1
Member Since:
05/08/2014
sp_UserOfflineSmall Offline
1
07/22/2024 - 08:37
sp_Permalink sp_Print sp_EditHistory

Hi Randy,

I am embedding a server within an instrument.  In most cases the server is deployed on an isolated network, so I want the server to work out of the box with a self-signed server certificate, and configured to AutoAcceptUntrustedCertificates.  Most users will not make an effort to secure the system, but I want to allow the user to apply a secure deployment where a GDS is used to push a signed server certificate, trusted issuer certificates, trusted client certificates, etc.  I am using the 1.5.374.54 NuGet packages, so the methods to support a GDS are already in place.  What is the best way to have a user turn off AutoAcceptUntrustedCertificates (set it to false) if they use a GDS to secure the solution?  Is there an easy way to determine if the server has been configured via a GDS, and therefore should disable AutoAcceptUntrustedCertificates?

Avatar
Randy Armstrong
Admin
Forum Posts: 1579
Member Since:
05/30/2017
sp_UserOfflineSmall Offline
2
07/22/2024 - 14:27
sp_Permalink sp_Print

If the server has a self signed certificate is not configured by a GDS.

If there is a CA issued certificate then is probably from GDS.

Forum Timezone: America/Phoenix
Most Users Ever Online: 510
Currently Online: radziu ignac
Guest(s) 23
Currently Browsing this Page:
1 Guest(s)
Top Posters:
Forum Stats:
Groups: 2
Forums: 10
Topics: 1446
Posts: 4890