HI,
Greetings !!!
I am new to OPCUa GDS and was looking for support for integrating external PKI certificate manager like OpenXPKI.
Requesting your guidance on the same.
Regards
Kumar
External PKI Certificate Manager Integration
Moderator: uagds
-
- Jr. Member
- Posts: 2
- Joined: 14 Mar 2024, 08:30
- Support Team
- Hero Member
- Posts: 3171
- Joined: 18 Mar 2011, 15:09
Re: External PKI Certificate Manager Integration
Hi,
this is not (yet) possible with the UaGDS, the UaGDS is a CA (certificate authority) by itself. This has the advantage that the certificates created, signed and rolled out by the UaGDS fully comply to the OPC UA standard (addtional extension fields, content filled out correctly, etc.). Second advantange is that you can build up your chain of trust without any (external) connectivity required (e.g. inside your machine).
We are in contact with companies running external CA to get the requirements for OPC UA certificates (and automatic revocation roll out) ligned up.
this is not (yet) possible with the UaGDS, the UaGDS is a CA (certificate authority) by itself. This has the advantage that the certificates created, signed and rolled out by the UaGDS fully comply to the OPC UA standard (addtional extension fields, content filled out correctly, etc.). Second advantange is that you can build up your chain of trust without any (external) connectivity required (e.g. inside your machine).
We are in contact with companies running external CA to get the requirements for OPC UA certificates (and automatic revocation roll out) ligned up.
Best regards
Unified Automation Support Team
Unified Automation Support Team