Non self signed certificate

Questions regarding the use of the UaExpert.

Moderator: uaexpert

Post Reply
Flarup
Jr. Member
Jr. Member
Posts: 1
Joined: 29 Jan 2020, 09:43

Non self signed certificate

Post by Flarup »

I'm trying to connect UAExpert to an OPC UA server with certificates.
To do this I generate a certificate with a CA, but how do I make UAExpert use that.

Even if I set a certificate in the server settings, then UAExpert is using .config/unifiedautomation/uaexpert/PKI/own/certs/uaexpert.der

User avatar
Support Team
Hero Member
Hero Member
Posts: 2532
Joined: 18 Mar 2011, 15:09

Re: Non self signed certificate

Post by Support Team »

Hi,

what you try to do is not possible. The UaExpert (like all other good OPC UA implementations) creates a self-signed sertificate. This certificate can be "signed by" a CA. For that the application must create a "signing request", and the CA must sign the certificate. What you get in return from the CA can than be used. However you can not (and should not) use the CA certificate directly (it does not match your private key).

On the server side you must trust the UaExperts self-signed cert OR alternatively you can trust the CA-signed OR you trust the CA (and everything that this CA has signed)
Best regards
Unified Automation Support Team

Post Reply