Use client certificate in connector

RaaLabs · Mar 22, 2024 · bb2dd36 · bb2dd36
1 parent 7e2929f
commit bb2dd36
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 6 deletions.
diff --git a/Source/OpcuaClient.cs b/Source/OpcuaClient.cs
@@ -160,7 +160,14 @@ private void CertificateValidation(CertificateValidator sender, CertificateValid
 
         if (certificateAccepted)
         {
-            _logger.Information("Untrusted Certificate accepted. SubjectName = {0}", e.Certificate.SubjectName);
+            _logger.Information("Untrusted Certificate accepted. Subject = {0}", e.Certificate.Subject);
+            _logger.Information("Untrusted Certificate accepted. Issuer = {0}", e.Certificate.Issuer);
+        }
+
+        else
+        {
+            _logger.Information("Untrusted Certificate rejected. Subject = {0}", e.Certificate.Subject);
+            _logger.Information("Untrusted Certificate rejected. Issuer = {0}", e.Certificate.Issuer);
         }
 
         e.AcceptAll = certificateAccepted;

diff --git a/Source/OpcuaConnector.cs b/Source/OpcuaConnector.cs
@@ -42,13 +42,15 @@ public OpcuaConnector(ILogger logger, OpcuaConfiguration opcuaConfiguration, IMe
 
         var securityConfig = new SecurityConfiguration()
         {
-            AutoAcceptUntrustedCertificates = true // ONLY for debugging/early dev
+            TrustedIssuerCertificates = new CertificateTrustList { StoreType = @"Directory", StorePath = "/Users/rafaelschlatter/raalabs/edge/Connectors.OPCUA/Source/config/certs/ca" },
+            TrustedPeerCertificates = new CertificateTrustList { StoreType = @"Directory", StorePath = "/Users/rafaelschlatter/raalabs/edge/Connectors.OPCUA/Source/config/certs/ca" },
+            ApplicationCertificate = new CertificateIdentifier { StoreType = @"Directory", StorePath = "/Users/rafaelschlatter/raalabs/edge/Connectors.OPCUA/Source/config/certs/client", SubjectName = string.Format("DC={0},O={1},CN={2}", "Rafaels-MacBook-Pro.local", "Prosys OPC", "SimulationServer@Rafaels-MacBook-Pro") },
         };
 
         var config = new ApplicationConfiguration()
         {
-            ApplicationName = "Raa Labs OPC UA connector",
-            ApplicationUri = "Raa Labs OPC UA connector",
+            ApplicationName = "RaaLabsOPCUAConnector",
+            ApplicationUri = "urn:Rafaels-MacBook-Pro.local:OPCUA:SimulationServer",
             ApplicationType = ApplicationType.Client,
             TransportConfigurations = new TransportConfigurationCollection(),
             TransportQuotas = new TransportQuotas { OperationTimeout = 15000 },
@@ -59,11 +61,11 @@ public OpcuaConnector(ILogger logger, OpcuaConfiguration opcuaConfiguration, IMe
 
         _opcuaAppInstance = new ApplicationInstance()
         {
-            ApplicationName = "Raa Labs OPC UA connector",
-            ApplicationType = ApplicationType.Client,
             ApplicationConfiguration = config
         };
 
+        _opcuaAppInstance.CheckApplicationInstanceCertificate(false, 2048).GetAwaiter().GetResult();
+
         _nodesToRead = InitializeReadValueIdCollection();
     }