OPCFoundation / UA-.NET-Legacy

OPC Foundation Unified Architecture .NET Reference Implementations
332 stars 296 forks source link

ApplicationConfiguration.SaveToFile() removes "RejectSHA1SignedCertificates" #184

Open AntoniPancras opened 5 years ago

AntoniPancras commented 5 years ago

Hi Team,

We are using Opc.Ua.Core.dll and Opc.Ua.Client.dll ( Version 1.4.354 ) in our application . Our application is targeted to .NET framework 4.6. Basically we have upgraded the OPC foundation SDK from Version 1.3.342 to version 1.04.354.

When we try to communicate our OPC UA client application to any OPC UA server with any security mode ( Basic128Rsa15 , Basic 256 ) We are getting the error message “SHA1 signed certificates are not trusted” .

It works fine with NONE security .

based on the reference https://github.com/OPCFoundation/UA-.NETStandard/issues/306, We have added below nodes under ‘SecurityConfiguration’ in our configuration file "RejectSHA1SignedCertificates" with value false "MinimumCertificateKeySize" with value 1024

But the ApplicationConfiguration.SaveToFile() function removes the node "RejectSHA1SignedCertificates" from the configuration file . Could you please advice us any solution for this?

Thanks Antoni

AntoniPancras commented 5 years ago

Hi Team, We have debugged the source code of Opc.Ua.Core.dll and identified that the attribute "EmitDefaultValue" is set to 'false' for the property RejectSHA1SignedCertificates ( \Opc.Ua.Core\Schema\ApplicationConfiguration.cs. )

We have changed the attribute 'EmitDefaultValue' to 'true' as shown below

[DataMember(IsRequired = false, EmitDefaultValue = true, Order = 10)]

Now the issue is resolved. We are able to communicate with OPC server with any security policy successfully.

Please let us know your comments on this fix . Please do let us know any additional testing needs to be done.

Thanks Antoni

PrashantDesai commented 4 years ago

Is this problem is resolved in following Nuget package?? It is not working for me

1.4.360.33