Expired CRL - what are the consequences ?|OPC UA Implementation: Stacks, Tools, and Samples|Forum|OPC Foundation

Avatar
sp_LogInOut Log In
sp_Search Search
Advanced Search
Search
Forum Scope


Match



Forum Options



Minimum search word length is 3 characters - maximum search word length is 84 characters
sp_Search Search
Lost password?
sp_Feed sp_PrintTopic sp_TopicIcon
Expired CRL - what are the consequences ?
Avatar
Svein Folkeson
New Member
Members
Forum Posts: 2
Member Since:
11/20/2018
sp_UserOfflineSmall Offline
1
08/23/2024 - 00:39
sp_Permalink sp_Print

I am responsible for more than 200 OPC UA Servers. My job is to keep all certificates and crl's up to date.

To handle this amount of UA Servers we are using GDS.

If a certificate expires then it is no longer possible to access the UA Server.

I have experienced that expired crls doesnt affect the access to the UA Servers. Is that as it should be?

Is the expire date on a crl just to consider as an information with no other consequences.

Avatar
Randy Armstrong
Admin
Forum Posts: 1564
Member Since:
05/30/2017
sp_UserOfflineSmall Offline
2
08/25/2024 - 03:09
sp_Permalink sp_Print

OPC UA applications are not required to enforce the expiry dates on CRLs so most do not.

This is not ideal but given the need to maintain copies of CRLs on every device it was something that was seen as more practical.

Once GDS are widely available and deployed the specification could look at this issue.

sp_Feed
Go to top
Forum Timezone: America/Phoenix
Most Users Ever Online: 510
Currently Online:
Guest(s) 42
Currently Browsing this Page:
1 Guest(s)
Top Posters:
Forum Stats:
Groups: 2
Forums: 10
Topics: 1435
Posts: 4855