
Binding SSL certificate to a specific OPC UA client

Posted: 02 Sep 2022, 04:26
by New_To_OPCUA
Hi all! I am new to OPC UA and I would like to bind an SSL certificate to a specific OPC UA client. The SSL certificate can only be used by that specific OPC UA client and will not be able to be used by other OPC UA clients to connect with the OPC UA server even though they have the same certificate and key. May I know how I could achieve that?

Re: Binding SSL certificate to a specific OPC UA client

Posted: 02 Sep 2022, 08:47
by Support Team
Hi,

It seems that you are trying to solve a problem that does not exist.

The certificate (application instance certificate) IS bound to a specific application; nobody else can use it, except this one instance of the application. That is the beauty of OPC UA using X.509 certificates on both ends (client AND server side). To establish a connection, OPC UA needs individual trust on both sides: the client must trust the server, and the server must trust the client.

By using GDS you can "simplify" the trust by trusting a certificate authority (CA), but still each application will have its own identity.
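
The following is an added example, not code from the Support Team or from any OPC UA SDK. It sketches the server-side half of the individual trust described in the reply: the client's application instance certificate must be in the server's trust list, and the ApplicationUri the client claims must match the URI in the certificate's subjectAltName. It assumes the Python `cryptography` package; the ApplicationUri rule comes from the OPC UA specification rather than from the thread, and the function names, URIs and trust list are constructed for illustration.

```python
import datetime
import hashlib
from cryptography import x509
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import rsa
from cryptography.x509.oid import NameOID


def make_instance_cert(common_name, application_uri):
    """Self-signed application instance certificate (DER) for one application."""
    key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    name = x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, common_name)])
    now = datetime.datetime.now(datetime.timezone.utc)
    san = x509.SubjectAlternativeName([x509.UniformResourceIdentifier(application_uri)])
    cert = (
        x509.CertificateBuilder()
        .subject_name(name)
        .issuer_name(name)
        .public_key(key.public_key())
        .serial_number(x509.random_serial_number())
        .not_valid_before(now - datetime.timedelta(minutes=5))
        .not_valid_after(now + datetime.timedelta(days=365))
        .add_extension(san, critical=False)
        .sign(key, hashes.SHA256())
    )
    return cert.public_bytes(serialization.Encoding.DER)


def thumbprint(cert_der):
    """SHA-1 over the DER encoding, the thumbprint OPC UA uses to identify a certificate."""
    return hashlib.sha1(cert_der).hexdigest()


def server_accepts(cert_der, claimed_application_uri, trust_list):
    """Decide on a client certificate; proof of private-key possession is not modelled."""
    if thumbprint(cert_der) not in trust_list:
        return "rejected: certificate not in trust list"
    cert = x509.load_der_x509_certificate(cert_der)
    try:
        san = cert.extensions.get_extension_for_class(x509.SubjectAlternativeName)
        uris = san.value.get_values_for_type(x509.UniformResourceIdentifier)
    except x509.ExtensionNotFound:
        uris = []
    if claimed_application_uri not in uris:
        return "rejected: ApplicationUri does not match certificate"
    return "accepted"


# Constructed sample identities, not taken from the thread.
CLIENT_A = make_instance_cert("ClientA", "urn:example:plant1:ClientA")
CLIENT_B = make_instance_cert("ClientB", "urn:example:plant1:ClientB")
SERVER_TRUST_LIST = {thumbprint(CLIENT_A)}  # server trusts only ClientA
```

A real server also validates the certificate's validity period, key usage and issuer chain, and the client runs the equivalent checks against the server's certificate.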