07/18/2018
Hello,
I am using the most recent version of UA-.NETStandard from GitHub. I connect to a real PLC which is running a OPC UA Server. I am experiencing some problems with certificates and validation. I always got the message below:
Certificate issuer is not trusted.
SubjectName: O=Siemens, C=DE, CN=PLC-1/OPCUA-1-6
IssuerName: O=Siemens, C=DE, CN=Siemens TIA Project(211MUvNEwEGtCWSwY5877g)’
I have already moved the *.der file to the trusted folders but it’s solving my problem.
I am developing a .NET Core 2.1 application. What strikes me is that it’s working for a .NET 4.6 application. I used both samples within the GitHub repository, the NetCoreConsoleClient gives me a ‘Certificate issuer is not trusted’ while in the .NET 4.6 application I can connect without trouble.
What should I do have to solve this?
Best regards,
Sander
05/30/2017
The server may be returning an entire chain but the client side code needs to support extracting it.
You can disable checking for the CRL if you do not have it.
That said, if there is a CA then it must be centrally managed. You need to find out who is managing that CA and get the CA + CRL from them.
If the device has a “private” CA that only exists on that device then you have to get it by parsing the chain returned by the server.
1 Guest(s)