15:31, EET
November 9, 2023
The first time I connected with my custom OPC-UA client to the Prosys OPC UA Simulation Server, a (rejected) certificate automatically popped up.
All I had to do was trust it in the ‘Certificates’ tab and then I could connect to the simulation server. However, this certificate is now expired and I don’t see any way to renew it .
Reconnecting with my custom OPC-UA also doesn’t create a new (rejected) certificate for the current date.
How do I renew this certificate?
I’m on Prosys OPC UA Simulation Server version 5.4.6-148
Here are the details of my certificate (some names were changed to anonymize it):
Status: Trusted
Name: MyClient
Signed By: Self Signed
Valid From: 22.05.2022 02:00
Valid To: 22.05.2023 02:00
Application Uri: urn:MY-PC:MyClient
Key Size: 2048
Filename: C:\Users\MyUser\.prosysopc\prosys-opc-ua-simulation-server\PKI\CA\certs\E86C0D3EFB7FB6A54EC23D7C18E24B1404AF1C26.der
Version: 3
Serial Number: 40a596aca148fe400502
Signature algorithm: SHA256withRSA
Issuer: CN=MyClient
Subject: CN=MyClient
Subject Alternative Name: [[6, urn:MY-PC:MyClient], [2, my-pc]]
Thumbprint: [20] 0xe86c0d3efb7fb6a54ec23d7c18e24b1404af1c26
15:55, EET
Moderators
February 11, 2020
Hello,
Simulation Server can’t renew a certificate of a Client application. Instead, the Client application should renew its application certificate if it has expired.
Has your custom OPC UA Client been developed with Prosys OPC UA SDK for Java? The method that loads the certificate can be configured in code to automatically renew expired self-signed application certificates.
If your Client has been developed with some other OPC UA SDK or it is a commercial OPC UA Client application not developed by Prosys OPC, support for it is outside the scope of this forum. As a generic advice, you could try moving the certificate file (and perhaps its private key file as well) to another folder, restart your application and check if it has created a new certificate.
Another generic solution would be to use OpenSSL to create new certificate for your Client application. Here is a previous thread on using OpenSSL: https://forum.prosysopc.com/forum/opc-ua-java-sdk/how-to-create-a-user-certificate-for-user-auth-using-openssl/ . If the certificate of your Client application was working earlier, you could try to create something similar with OpenSSL and replace the certificate and private key used by your Client application with new ones created with OpenSSL.
9:57, EET
November 9, 2023
I thought OPC UA Simulation Server was the initial creator of the certificate, but your answer made me realize I was wrong.
It is the client that creates the certificate.
I am using the OPCFoundation UA-.NETStandard nuget package (C#) for my client code.
What I had to do was delete the certificate from the directory where OPCFoundation stores them.
After doing that, a new certificate was created on the first connection to the OPC UA Simulation Server.
Thank you!
Most Users Ever Online: 1919
Currently Online:
18 Guest(s)
Currently Browsing this Page:
1 Guest(s)
Top Posters:
Heikki Tahvanainen: 402
hbrackel: 144
rocket science: 86
pramanj: 86
Francesco Zambon: 83
Ibrahim: 78
Sabari: 62
kapsl: 57
gjevremovic: 49
Xavier: 43
Member Stats:
Guest Posters: 0
Members: 732
Moderators: 7
Admins: 1
Forum Stats:
Groups: 3
Forums: 15
Topics: 1508
Posts: 6396
Newest Members:
elainesever, powhephenry, mamiecaldwell5, Lamasom, scsneed, berrybulcock, icerdraizomma, athenasummy5, vtaletbhcx, HaroldaDobModerators: Jouni Aro: 1019, Pyry: 1, Petri: 0, Bjarne Boström: 1016, Jimmy Ni: 26, Matti Siponen: 340, Lusetti: 0
Administrators: admin: 1