We are trying to create a valid certificate for authentication an OPC UA client with the Bosch CtrlX OPC UA server. We've tried the OPC UA test client, and it can generate a valid certificate just fine (after trusting the certificate in CtrlX), but obviously this has limitations, so we would like to be able to create our own certificates for this purpose.
However, we've had no luck so far. The server rejects every certificate we've tried without any details on what's wrong. There is nothing the Logbook as far as we can see (yes, we tried enabling settings to see trace messages). Are there any instructions on how to create a valid certificate?
Solved! Go to Solution.
we want to invesetigate the issue. Can please help us with the following points:
Sorry for the late reply. I didn't get a notification that someone had replied.
After some more trial and error, we managed to generate a valid certificate that the CtrlX OPC UA server accepts. What we did was generate it using OpenSSL, then just configure out client with the certificate and connect to the server. This caused the server to automatically reject the certificate, and we were able to go into the certificates in the PLC and mark it as trusted. Then everything worked.
We use version 1.20.1. I am attaching a generated certificate so you can look at it. We don't know if it has additional fields/privileges missing or that don't need to be there.