serverCertificate in EndpointDescription|OPC UA Standard|Forum|OPC Foundation

Avatar
Search
Forum Scope


Match



Forum Options



Minimum search word length is 3 characters - maximum search word length is 84 characters
Lost password?
sp_Feed sp_PrintTopic sp_TopicIcon
serverCertificate in EndpointDescription
Avatar
Dave Ruske
New Member
Members
Forum Posts: 1
Member Since:
02/22/2017
sp_UserOfflineSmall Offline
1
06/27/2023 - 05:09
sp_Permalink sp_Print

Is there any case where a server’s endpoints, as enumerated via the GetEndpoints service, would have different serverCertificates between EndpointDescriptions?

The serverCertificate is the server’s application instance certificate, and is described for EndpointDescription as “The Application Instance Certificate issued to the Server”; here, as elsewhere, this seems to be singular. Yet, the certificate is returned per-endpoint, which seems to imply that there’s a per-endpoint case somewhere, somehow.

What am I overlooking?

Avatar
Randy Armstrong
Admin
Forum Posts: 1578
Member Since:
05/30/2017
sp_UserOfflineSmall Offline
2
06/29/2023 - 15:20
sp_Permalink sp_Print

Servers frequently have multiple certificates assigned to them and each EndpointDescription can have a different Certificate (i.e. different trust lists for internal vs external NICs or different key algorithms ECC/RSA).

Clients need to use the Certificate associated EndpointDescription they choose.

Forum Timezone: America/Phoenix
Most Users Ever Online: 510
Currently Online:
Guest(s) 29
Currently Browsing this Page:
1 Guest(s)
Top Posters:
Forum Stats:
Groups: 2
Forums: 10
Topics: 1444
Posts: 4887