12/15/2020
Hi,
In our OPC Server, We have the security configuration stored in the config.xml. However, is there any possibility that instead of stack creating the application instance certificate, Can a customer have his/her own certificate and place the certificate in the configured folder instead stack creating the certificate by default. Will this work? If yes any changes required? Please guide us.
Regards,
Vinod Pydi
12/15/2020
Hi Randy,
Thanks for your reply, Apologies, didn’t put my question well.we are using OPC foundation sample stack.we have defined the certificate in the config file it was working fine. However instead of stack creating a self signed certificate at the start up can some one manually place the certificate in the trusted folder.will the OPC stack support other certificates.
05/30/2017
If your certificate is not valid the .net codebase will create a new one.
Have you made sure your certificate meets all UA requirements?
https://reference.opcfoundatio…..rt6/6.2.2/
Turn on tracing to see what errors are reported.
12/15/2020
Hi Randy,
So one last question, stack creates a certificate based on the below configuration
%CommonApplicationData%\XXX\XX\CertificateStores\MachineDefault
CN=MyOrg_Root,OU=KA,O=SA,L=KA,ST=KA,C=RO
i have placed my certificate in the above configuration, as i hope all the UA requirements are met.
My Certificate is : MyOrg_Root.der
I have a doubt like when stack creates a certificate it create with the below unique number marked in bold, So if i create my own certificate say MyOrg_Root.der without the unique number, will stack also validates/checks for this unique number?
Stack Certificate : MyOrg_Root [7E440150E3C323B7E27F07F7718F8CADF6058104].der
Regards,
Vinod Pydi
02/24/2014
The part in bold is the certificate thumbprint. One reason it is there is because you may have multiple certificates with the same common name – it is often the case when you are renewing them.
I have quickly checked the .NET code, and it seems that the thumbprint in the file name is not required – what really matters is the actual contents of the certificates, and not their file names.
1 Guest(s)