Hi Support team,
I want to create a connect to a UA Server with my client application running on the C++ Bundle 1.5.2 SDK.
But I wondered that how to set the UserTokenInfo:
1) I have successed with UserPasswordUserIdentity
2) AnonymousUserIdentity also successed
3) but failed with setCertificateUserIdentity. The error was BadIdentityTokenRejected.
About 3,
UA server: Demo server of C++ 1.5.2 SDK.
UA Client: when I used UaExpert to connect this server with CertificateUserIdentity, successed.
when I used my client application with CertificateUserIdentity, failed.
But I am sure that I put the client .der to server turstedlist and CertificateTrustListLocation([ConfigPath]/pkiuser/trusted/certs/).
About my client application,
I used SessionSecurityInfo::setCertificateUserIdentity to set certificate and private key to be sent to the Demo server.
I could not find the samples in lesson4 of SDK Client Samples.I wondered my programs have some wrony with this type.
Would you give me some samples source cord or ideas for the SessionSecurityInfo::setCertificateUserIdentity()?
Regards
sunny
How to use the setCertificateUserIdentity()?
Moderator: uasdkcpp
-
- Sr. Member
- Posts: 19
- Joined: 12 Feb 2015, 11:14
- Support Team
- Hero Member
- Posts: 3070
- Joined: 18 Mar 2011, 15:09
Re: How to use the setCertificateUserIdentity()?
Hello sunny,
these are the steps to take:
1) load the user certifiate
2) load the private key
3) set the user certificate and private key on the using the method SessionSecurityInfo::setCertificateUserIdentity
these are the steps to take:
1) load the user certifiate
Code: Select all
UaPkiCertificate userCert = UaPkiCertificate::fromDERFile(m_sUserCertificateFilePath);
if (userCert.isValid())
{
UaByteString userCertifiate = userCert.toDER();
}
Code: Select all
UaStatus result;
UaString sPrivateKeyFile("./pkiuser/own/private/user.pem");
UaString sCertificateRevocationListLocation("./pkiuser"); // this path doesn't have any effect when loading the private key -it just needs to exist
UaString sCertificateTrustListLocation("./pkiuser"); // this path doesn't have any effect when loading the private key -it just needs to exist
UaString sPwd;
UaByteString privateKey;
UaPkiProviderOpenSSL pkiProvider(
sCertificateRevocationListLocation,
sCertificateTrustListLocation);
result = pkiProvider.openCertificateStore();
result = pkiProvider.loadPrivateKey(
sPrivateKeyFile,
OpcUa_Crypto_Encoding_PEM,
sPwd,
privateKey);
Best regards
Unified Automation Support Team
Unified Automation Support Team
-
- Sr. Member
- Posts: 19
- Joined: 12 Feb 2015, 11:14
Re: How to use the setCertificateUserIdentity()?
Hi, support team
I got it.I will try again.
Thank you for the hint.
Best regards
I got it.I will try again.
Thank you for the hint.
Best regards