
Re: [milo-dev] OPC UA security: Server certificates

Yes, the client needs to validate and trust the server certificate.

This is mostly handled for you if you configure your client with an instance of DefaultClientCertificateValidator and DefaultTrustListManager.

All that remains for you to do is figure out _when_ to add trusted certificates. If your application is interactive in some way you can present your user with the server certificate from the EndpointDescription and ask them if they want to trust it. You can also pre-emptively validate it here before presenting it to the user if you'd like. If they decide to trust it then you can add it as trusted via TrustListManager::addTrustedCertificate. DefaultTrustListManager stores everything using a standard PKI directory layout and you can also manually add certificates to those locations at any time.

The Milo stack/SDK will use the configured validator and trust list manager when connecting, to make sure everything is valid and trusted.

On Mon, Nov 16, 2020 at 1:02 PM Olivier Guillet <Olivier.Guillet@xxxxx> wrote:

Hello,


we’re in the process of adding OPC UA security options to our Milo-based OPC UA software, and some areas still remain unclear (as probably some of my questions do):


  • Is the (OPC UA) client supposed to validate and trust (or ask the user to trust) the server certificate? Server certificates can be loaded from the selected endpoints, but should they be checked (for instance, whether they have expired) and trusted by the client? If yes, does Milo support certificate validation?
  • Should the client check at each connection whether server certificates changed and validate (and trust) them again?


Thanks in advance!


Kind regards

Olivier


_______________________________________________
milo-dev mailing list
milo-dev@xxxxxxxxxxx
To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/milo-dev
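The flow described in the reply above (discover the endpoint, pre-emptively validate the server certificate from the EndpointDescription, ask the user, add it via TrustListManager::addTrustedCertificate, then connect with DefaultClientCertificateValidator and DefaultTrustListManager configured), written out as an added example. This is not code from the thread or from the Milo project. It assumes the Milo 0.5/0.6-era API (DiscoveryClient.getEndpoints, CertificateUtil.decodeCertificates, StatusCodes.Bad_CertificateUntrusted, the OpcUaClientConfig builder methods); the endpoint URL, PKI directory, application URI and the console prompt are placeholders.

```java
import java.io.File;
import java.security.MessageDigest;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.List;
import java.util.Scanner;

import org.eclipse.milo.opcua.sdk.client.OpcUaClient;
import org.eclipse.milo.opcua.sdk.client.api.config.OpcUaClientConfig;
import org.eclipse.milo.opcua.stack.client.DiscoveryClient;
import org.eclipse.milo.opcua.stack.client.security.DefaultClientCertificateValidator;
import org.eclipse.milo.opcua.stack.core.StatusCodes;
import org.eclipse.milo.opcua.stack.core.UaException;
import org.eclipse.milo.opcua.stack.core.security.DefaultTrustListManager;
import org.eclipse.milo.opcua.stack.core.security.SecurityPolicy;
import org.eclipse.milo.opcua.stack.core.types.builtin.LocalizedText;
import org.eclipse.milo.opcua.stack.core.types.structured.EndpointDescription;
import org.eclipse.milo.opcua.stack.core.util.CertificateUtil;

/** Trust-on-first-use for an OPC UA server certificate. Added example, not Milo's own code. */
public class ServerCertificateTrustExample {

    public static void main(String[] args) throws Exception {
        String discoveryUrl = "opc.tcp://opcua-server.example:4840"; // hypothetical server
        File pkiDir = new File("pki");                               // hypothetical location

        // 1. Persistent trust list in the standard PKI layout (pki/trusted/certs, pki/issuers/certs, ...)
        DefaultTrustListManager trustListManager = new DefaultTrustListManager(pkiDir);
        DefaultClientCertificateValidator validator = new DefaultClientCertificateValidator(trustListManager);

        // 2. Discover endpoints and refuse to proceed with one that offers no security.
        List<EndpointDescription> endpoints = DiscoveryClient.getEndpoints(discoveryUrl).get();
        EndpointDescription endpoint = endpoints.stream()
            .filter(e -> !SecurityPolicy.None.getUri().equals(e.getSecurityPolicyUri()))
            .findFirst()
            .orElseThrow(() -> new IllegalStateException("server offers no secure endpoint"));

        // 3. The EndpointDescription carries the server certificate (possibly a whole chain).
        List<X509Certificate> chain =
            CertificateUtil.decodeCertificates(endpoint.getServerCertificate().bytesOrEmpty());
        X509Certificate serverCert = chain.get(0);

        // 4. Pre-emptive validation against the current trust list.
        boolean trusted;
        try {
            validator.validateCertificateChain(chain);
            trusted = true;
        } catch (UaException e) {
            if (e.getStatusCode().getValue() != StatusCodes.Bad_CertificateUntrusted) {
                // Any failure other than "not yet trusted" (expired, bad key usage, ...) is final.
                throw new IllegalStateException("server certificate rejected: " + e.getStatusCode(), e);
            }
            trusted = false;
        }

        // 5. Not yet trusted: check the validity period independently of trust, then ask the user.
        if (!trusted) {
            try {
                serverCert.checkValidity();
            } catch (CertificateExpiredException | CertificateNotYetValidException e) {
                throw new IllegalStateException("refusing to trust a certificate outside its validity period", e);
            }
            System.out.printf("Server:  %s%n", endpoint.getEndpointUrl());
            System.out.printf("Subject: %s%n", serverCert.getSubjectX500Principal());
            System.out.printf("Valid:   %s to %s%n", serverCert.getNotBefore(), serverCert.getNotAfter());
            System.out.printf("SHA-1:   %s%n", thumbprint("SHA-1", serverCert));
            System.out.printf("SHA-256: %s%n", thumbprint("SHA-256", serverCert));
            System.out.print("Trust this certificate? [y/N] ");
            if (!new Scanner(System.in).nextLine().trim().equalsIgnoreCase("y")) {
                throw new IllegalStateException("user declined to trust the server certificate");
            }
            trustListManager.addTrustedCertificate(serverCert);           // -> pki/trusted/certs
            for (X509Certificate issuer : chain.subList(1, chain.size())) {
                trustListManager.addIssuerCertificate(issuer);            // -> pki/issuers/certs
            }
        }

        // 6. The stack re-validates the server certificate on every connect with this validator,
        //    so a server that changes its certificate later fails until it is trusted again.
        OpcUaClientConfig config = OpcUaClientConfig.builder()
            .setEndpoint(endpoint)
            .setApplicationName(LocalizedText.english("trust example client"))
            .setApplicationUri("urn:example:client")                      // hypothetical
            .setCertificateValidator(validator)
            // .setKeyPair(...) / .setCertificate(...): the client's own identity, required
            // for a secure endpoint, is omitted here.
            .build();

        OpcUaClient client = OpcUaClient.create(config);
        client.connect().get();
        client.disconnect().get();
    }

    /** Hex digest of the DER encoding; OPC UA trust lists and rejected/ dirs are keyed by SHA-1. */
    static String thumbprint(String algorithm, X509Certificate cert) throws Exception {
        byte[] digest = MessageDigest.getInstance(algorithm).digest(cert.getEncoded());
        StringBuilder sb = new StringBuilder();
        for (byte b : digest) sb.append(String.format("%02X", b));
        return sb.toString();
    }
}
```

The explicit checkValidity() in step 5 matters because the user is about to create trust: an expired or not-yet-valid certificate should be rejected before it is shown to them rather than added and then failed by the validator on connect. Whatever is written under pki/trusted/certs is read back by DefaultTrustListManager on the next run, which is why the prompt only appears once per server certificate.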
