Closed DaLammel closed 5 years ago
Hello @DaLammel ,
You should try using the CertificateValidator.CertificateValidation
event.
The event is triggered in case a certificate is not trusted during the validation and you can decide in application code if it can be accepted.
An example can be found in NetCoreConsoleClient project
config.CertificateValidator.CertificateValidation += new CertificateValidationEventHandler(CertificateValidator_CertificateValidation);
private static void CertificateValidator_CertificateValidation(CertificateValidator validator, CertificateValidationEventArgs e)
{
if (e.Error.StatusCode == StatusCodes.BadCertificateUntrusted)
{
e.Accept = autoAccept;
if (autoAccept)
{
Console.WriteLine("Accepted Certificate: {0}", e.Certificate.Subject);
}
else
{
Console.WriteLine("Rejected Certificate: {0}", e.Certificate.Subject);
}
}
}
Hi everyone,
I'm currently trying to get my Xamarin Android Client to establish a secure connection to my OPC UA Server, but as soon as I try to enable any security features in the client's code it won't connect to the server anymore. The server is currently set up to support the SecurityPolicies "None" and "Basic256Sha256", as well as SecurityModes "None", "Sign" and "SignAndEncrypt". My goal is to disable both "None" options and only allow secure connections on the server.
The server also forces user authentication via username/password, however this part doesn't cause me any problems.
This whole project is more of a proof of concept and I know that I'll only ever use the client with this exact server. Therefore I want to include the server's certificate as an asset into my app and automatically use it as a "trusted" certificate so that I don't have to implement a way to accept the certificate manually.
This is how I've tried to copy the server certificate from the project's assets in my Client.cs:
The corresponding settings in my ApplicationConfiguration look like this:
Lastly, my configuredEndpoint and session creation looks like this:
My Problem is: as soon as i try to change any one (or all) of the following settings, my client can't connect to my server anymore:
<AutoAcceptUntrustedCertificates>false</AutoAcceptUntrustedCertificates>
var selectedEndpoint = CoreClientUtils.SelectEndpoint(endpointURL, true, 15000);
What am I doing wrong? And is there an easier/better way to include the server's certificates in my client app? I would greatly appreciate any and all help I can get, thank you in advance and have a nice day!