Avatar

Please consider registering
guest

sp_LogInOut Log In sp_Registration Register

Register | Lost password?
sp_Search Search
Advanced Search
Advanced Search

— Forum Scope —




— Match —





— Forum Options —





Minimum search word length is 3 characters - maximum search word length is 84 characters

sp_Search Search
Go to Bottom
No permission to create posts
sp_Feed Topic RSS sp_TopicIcon
bouncy castle?
August 24, 2018
2:03, EEST
Avatar
luke
New Member
Members
Forum Posts: 1
Member Since:
August 23, 2018
sp_UserOfflineSmall Offline
Go to Top
1sp_Permalink sp_Print

We’re evaluating OPC UA on our site. We have a simple OPC UA server and using the Prosys OPC UA client to test the connection.

For the User Security component – when using ‘Anonymous or Username/Passwords – there are no problems connecting.

I am having difficulty with the User Security component when attempting to use Certificates and Private Keys. I’m not familiar with certificates, public and private keys, and Certificate Authorities etc. So I might be completely off the garden path with what I’m attempting to do.

I found the Opc.Ua.CertificateGenerator.exe tool on the OPC UA server. In command prompt, I used the following parameters.

Opc.Ua.CertificateGenerator.exe -cmd issue -sp . -an OPCTEST-o MyCompany –pw password –pem true,

This generated the type of files that seemed to be recognised on the Prosys OPC UA Client (.der for the certificate and .pem for the private key). However, when using the password, the Prosys client produced an error when trying to read the private key:

“Could not load private key: unable to process key spec: java.lang.ClassCastException: org.bouncycastle.asn1.DLSequence cannot be cast to org.bouncycastle.asn1.ASN1Integer”

What am I doing wrong here?

August 24, 2018
16:39, EEST
Avatar
Bjarne Boström
Moderator
Moderators
Forum Posts: 1026
Member Since:
April 3, 2012
sp_UserOfflineSmall Offline
Go to Top
2sp_Permalink sp_Print

Hi,

Could you please validate that those actually are proper .der (containing the public key part) and .pem (containing the private key part)? e.g. https://stackoverflow.com/questions/5215771/how-can-i-check-if-the-certificate-file-i-have-is-in-pem-format

For the security concepts I recommend reading the specification Part 2.

March 18, 2019
11:39, EET
Avatar
bouncycastlerentals
Waterloo, On
New Member
Members
Forum Posts: 1
Member Since:
March 18, 2019
sp_UserOfflineSmall Offline
sp_UserWebsite
Go to Top
3sp_Permalink sp_Print

Yes It is truly need to take care of Username and Passwords and its should be contain strong symbol.Yell

No permission to create posts
sp_Feed All RSS
Go to top
Forum Timezone: Europe/Helsinki

Most Users Ever Online: 1919

Currently Online:
36 Guest(s)

Currently Browsing this Page:
1 Guest(s)

Top Posters:

Heikki Tahvanainen: 402

hbrackel: 144

rocket science: 88

pramanj: 86

Francesco Zambon: 83

Ibrahim: 78

Sabari: 62

kapsl: 57

gjevremovic: 49

Xavier: 43

Member Stats:

Guest Posters: 0

Members: 734

Moderators: 7

Admins: 1

Forum Stats:

Groups: 3

Forums: 15

Topics: 1523

Posts: 6449

Newest Members:

christamcdowall, redaahern07571, nigelbdhmp, travistimmons, AnnelCib, dalenegettinger, howardkennerley, Thomassnism, biancacraft16, edgardo3518

Moderators: Jouni Aro: 1026, Pyry: 1, Petri: 0, Bjarne Boström: 1026, Jimmy Ni: 26, Matti Siponen: 346, Lusetti: 0

Administrators: admin: 1