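在 OPC 基金会的 OPC UA 客户端中,您可以使用以下代码自动创建自签名客户端证书,并自动接受服务器证书(AutoAcceptUntrustedCertificates = true 会让客户端接受不在受信任存储中的服务器证书,即不再验证服务器身份,因此只适合测试环境;生产环境应将其设为 false,并把服务器证书放入受信任的证书存储):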
// Certificate configuration for the OPC UA client. This is one member of a larger
// object initializer that is not shown on the page (note the trailing "},").
// All four stores below are directory-based stores under %CommonApplicationData%.
SecurityConfiguration = new SecurityConfiguration
{
// The client's own application instance certificate, looked up by SubjectName.
// Per the accompanying text, change SubjectName to the CN of an existing certificate
// to use a custom certificate; its private key must be available in the store.
ApplicationCertificate = new CertificateIdentifier { StoreType = @"Directory", StorePath = @"%CommonApplicationData%\OPC Foundation\CertificateStores\MachineDefault", SubjectName = "MyClient" },
// Store of issuer (CA) certificates.
TrustedIssuerCertificates = new CertificateTrustList { StoreType = @"Directory", StorePath = @"%CommonApplicationData%\OPC Foundation\CertificateStores\UA Certificate Authorities" },
// Store of explicitly trusted peer (application) certificates.
TrustedPeerCertificates = new CertificateTrustList { StoreType = @"Directory", StorePath = @"%CommonApplicationData%\OPC Foundation\CertificateStores\UA Applications" },
// Store for certificates that were rejected.
RejectedCertificateStore = new CertificateTrustList { StoreType = @"Directory", StorePath = @"%CommonApplicationData%\OPC Foundation\CertificateStores\RejectedCertificates" },
// NOTE(review): with this set to true the client accepts server certificates that are
// not in the trusted stores, so the server's identity is not verified and the secure
// channel no longer protects against an impostor server. Acceptable for a lab or test
// setup; for production set it to false and place the server's certificate in the
// TrustedPeerCertificates store (or its issuing CA in TrustedIssuerCertificates).
AutoAcceptUntrustedCertificates = true
},
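// Make sure the client's application instance certificate is available; per the
// accompanying text this call creates a self-signed certificate when none exists.
// Arguments: false is presumably the `silent` flag and 2048 the minimum key size in
// bits - confirm against the version of the OPC Foundation stack in use.
// GetAwaiter().GetResult() blocks the calling thread; use `await` instead when the
// surrounding method is async.
bool haveAppCertificate = application.CheckApplicationInstanceCertificate(false, 2048).GetAwaiter().GetResult();
if (!haveAppCertificate)
{
    // Fail closed: the original discarded the result, so a missing or invalid
    // client certificate would only surface later as a connection failure.
    throw new System.InvalidOperationException("Application instance certificate invalid!");
}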
您还可以将 SubjectName 改为所需证书的 CN,以指定要使用的证书(自定义证书)。只需确保将私钥放在证书存储的私钥(private)文件夹中。
如果将下面 SelectEndpoint 的第二个参数设置为 true,则连接到服务器时会使用安全性(证书)。
// Build the discovery URL and let the helper pick an endpoint from the server.
// Per the accompanying text, the second argument (true) requests an endpoint that
// uses security (certificates).
string discoveryUrl = "opc.tcp://" + ip + ":" + port;
var selectedEndpoint = CoreClientUtils.SelectEndpoint(discoveryUrl, true);

// User name / password identity presented when the session is activated.
// NOTE(review): if the security configuration auto-accepts untrusted server
// certificates, these credentials go to a server whose identity was not verified.
var user = new UserIdentity(username, password);

// Wrap the selected endpoint together with the endpoint settings derived from config.
var endpointConfiguration = EndpointConfiguration.Create(config);
var endpoint = new ConfiguredEndpoint(null, selectedEndpoint, endpointConfiguration);

// Open the session. The positional arguments after `endpoint` are presumably:
// updateBeforeConnect (false), session name, session timeout (60000, likely ms),
// user identity, preferred locales (null) - confirm against the stack version in use.
var session = await Session.Create(config, endpoint, false, config.ApplicationName, 60000, user, null);
- Victor Pieper