search

nauful / LibUA

Open-source OPC UA client and server library
Apache License 2.0
262 stars 94 forks source link

Issue #121

Closed AnyelaMolina closed 1 year ago

AnyelaMolina commented 1 year ago

On the server when Basic256 security types are configured with Sign and with SignAndEncrypt, the client cannot connect. Beforehand thank you very much.

nauful commented 1 year ago

Can you take a Wireshark capture?

I would guess the server is rejecting the client's certificate unless you've already added the client certificate to the server's trusted certificate store.

AnyelaMolina commented 1 year ago

Excellent day, here I leave the capture Basic 256 SignAndEncrypt.pdf Basic 256 Sing.pdf

AnyelaMolina commented 1 year ago

thank, I saw my mistake

nauful commented 1 year ago

Sounds good!

thousand3 commented 1 year ago

Hi AnyelaMolina, is it possible to share your solution/mistake? Because i'm facing the same issue here.

Btw, When use LibUA as server, where is the server's trusted certificate store folder?

nauful commented 1 year ago

If you're using LibUA as a server,

  1. Your client needs to trust the server certificate.
  2. The server doesn't use a certificate store by default. You can implement that here to accept/reject client certificates (the sample server accepts all by default): https://github.com/nauful/LibUA/blob/8462ab98c820c87a82e8b0a1e418eb6365c7fb01/NET%20Core/TestServer/Program.cs#L113

You can check that byte[] clientCertificate is a trusted certificate (content exists in some trusted folder) if you want to.

thousand3 commented 1 year ago

Got it. Let me test it out. Thanks for your quick response. Appreciate it.