search

FreeOpcUa / opcua-asyncio

OPC UA library for python >= 3.7
GNU Lesser General Public License v3.0
1.04k stars 345 forks source link

Encryption with username/password (not certificate) #1598

Closed mister-potter closed 4 months ago

mister-potter commented 4 months ago

Hello

I would like to use encryption with security policy Basic256Sha256 + username / password authentication and not certificate exchange.

To Reproduce

When I use the below mentioned code, it's trying to load the certificates / key. Returns the error Error: [Errno 2] No such file or directory: 'None'

security_policy = "Basic256Sha256"
security_mode = "SignAndEncrypt"
await client.set_security_string(f"{security_policy},{security_mode}," + str(None) + "," + str(None))

Version
Python-Version: 3.12 opcua-asyncio Version: 1.1.0

schroeder- commented 4 months ago

In OPC UA there is a have two certificates one is used for the transport transport security (e.g. Sign&Encrypt) and is used for UserAuth via Certificates (peer-certificate). You need a certificate for the encrypted communication.

There for you can create your own certificate, via setup_self_signed_certificate, see example: https://github.com/FreeOpcUa/opcua-asyncio/blob/master/examples/client-with-encryption.py