Server Settings (Security, Authentication)
Posted: 01 Nov 2024, 10:02
I am trying to connect to the Demo Server by executing uaservercpp.exe in the SDK Bundle (Unified Automation UA SDK C++ Bundle 1.5.4 (SOURCE Edition)) using the security options. Please check if my understanding of the procedure is correct and answer any questions. .
1. I want to use the server security option.
Security Policy: Basic256Sha256
Message Security Mode: Sign & Encrypt
2. To enable the server security option, I used UaExpert's Application certificate (C:\Users\User\AppData\Roaming\unifiedautomation\uaexpert\PKI\own\certs).
I copied and pasted the uaexpert.der file into the “uaexpert.der” path on the Server: “C:\ProgramData\UnifiedAutomation\UaSdkCppBundleSource\pkiserver\trusted\certs.” (Refer to ServConfig.xml.)
Q1. Are the certificate management procedures related to Security Policy and Message Security Mode completed in steps 1-2? Or is there an additional process? Is a private key used in this process?
3. I want to use Authentication Settings.
I'm trying to use the Cert/Private Key method.
The certificate used the uaexpert.der file in C:\Users\User\AppData\Roaming\unifiedautomation\uaexpert\PKI\own\certs on the client.
Private Key is the client's
I used the uaexpert_key.pem file located in the path C:/Users/User/AppData/Roaming/unifiedautomation/uaexpert/PKI/own/private/.
4. I copied&paste the uaexpert.der file to pkiuser on Server.
5. Connection was successful.
But I did not copy the uaexpert_key.pem file to "server\pkiuser".
Q2. What exactly does the private key registered in Server Settings do?
Please tell me exactly how to use Authentication Settings.
Thank you for your attention to this matter.
1. I want to use the server security option.
Security Policy: Basic256Sha256
Message Security Mode: Sign & Encrypt
2. To enable the server security option, I used UaExpert's Application certificate (C:\Users\User\AppData\Roaming\unifiedautomation\uaexpert\PKI\own\certs).
I copied and pasted the uaexpert.der file into the “uaexpert.der” path on the Server: “C:\ProgramData\UnifiedAutomation\UaSdkCppBundleSource\pkiserver\trusted\certs.” (Refer to ServConfig.xml.)
Q1. Are the certificate management procedures related to Security Policy and Message Security Mode completed in steps 1-2? Or is there an additional process? Is a private key used in this process?
3. I want to use Authentication Settings.
I'm trying to use the Cert/Private Key method.
The certificate used the uaexpert.der file in C:\Users\User\AppData\Roaming\unifiedautomation\uaexpert\PKI\own\certs on the client.
Private Key is the client's
I used the uaexpert_key.pem file located in the path C:/Users/User/AppData/Roaming/unifiedautomation/uaexpert/PKI/own/private/.
4. I copied&paste the uaexpert.der file to pkiuser on Server.
5. Connection was successful.
But I did not copy the uaexpert_key.pem file to "server\pkiuser".
Q2. What exactly does the private key registered in Server Settings do?
Please tell me exactly how to use Authentication Settings.
Thank you for your attention to this matter.