Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OPC UA Driver should support client certificates #595

Closed
ottlukas opened this issue Nov 9, 2022 · 6 comments
Closed

OPC UA Driver should support client certificates #595

ottlukas opened this issue Nov 9, 2022 · 6 comments
Assignees
@splatch
Labels
CRITICAL

Comments

@ottlukas
Copy link
Contributor

ottlukas commented Nov 9, 2022

For an application we need to support Cert based Security in the OPC UA Driver.

Imported from Jira PLC4X-185. Original Jira may contain additional context.
Reported by: jfeinauer.
@marcoantigo
Copy link

Are there any estimates on when this will be implemented?

@ottlukas
Copy link
Contributor Author

ottlukas commented Jan 18, 2023
edited by splatch
Loading

@hutcheb looked at it in 2021:

For 0.9, certificates for encryption is not supported.
For encryption, asymmetric encryption is used initially, the logic for this should work. It hasn't been tested for a while and may need some minor fixes. Once the session is established it switches to symmetric encryption. I had some trouble implementing this and couldn't get it to work properly.
For certificate based authentication, it hasn't been implemented, only anonymous and username profiles work. However it shouldn't be too difficult to implement as all of the certificate handling logic has been implemented.

This is the current state and for the time being no Developer is actively working on that. Our focus is currently on other protocols and topics. Maybe Ben can give an update.

@hutcheb
Copy link
Contributor

hutcheb commented Jan 25, 2023 via email

@chrisdutz
Copy link
Contributor

@hutcheb can you confirm this issue can now be closed?

@splatch
Copy link
Contributor

splatch commented Feb 6, 2024

I believe it can be closed with work done in #1007. It covers both symetric and asymmetric encryption with client certificate retrieved from keystore.

@splatch splatch mentioned this issue Feb 6, 2024
Closed
@splatch splatch assigned splatch and unassigned JulianFeinauer Feb 6, 2024
@splatch
Copy link
Contributor

splatch commented Feb 12, 2024

Completed via #1007.

@splatch splatch closed this as completed Feb 12, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@splatch splatch

Labels
CRITICAL
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

[opcua] Implementation of client side security policy ConnectorIO/plc4x
6 participants
@splatch @chrisdutz @marcoantigo @hutcheb @JulianFeinauer @ottlukas