You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Upon trying the encryption samples for the server and client, I've found that in the server we see the BadSecurityChecksFailed error when I connect to the server first time which will result in the closure of the secure channel and the session. This ideally shouldn't happen as the secure channel is established with the same pair of server and client certificates with the trusted certificate of UA Expert.
Background Information / Reproduction Steps
I just changed the way that load certificate and create certificate. My idea is in the first-time server init I will create a certificate server and in second-time, I will load the certificate that was created in the first-time run. Besides, I change trusted list is 1 to load UA Expert certificate.
Description
Upon trying the encryption samples for the server and client, I've found that in the server we see the BadSecurityChecksFailed error when I connect to the server first time which will result in the closure of the secure channel and the session. This ideally shouldn't happen as the secure channel is established with the same pair of server and client certificates with the trusted certificate of UA Expert.
Background Information / Reproduction Steps
I just changed the way that load certificate and create certificate. My idea is in the first-time server init I will create a certificate server and in second-time, I will load the certificate that was created in the first-time run. Besides, I change trusted list is 1 to load UA Expert certificate.
#include <open62541/client_highlevel.h>
#include <open62541/plugin/log_stdout.h>
#include <open62541/plugin/create_certificate.h>
#include <open62541/plugin/securitypolicy.h>
#include <open62541/server.h>
#include <open62541/server_config_default.h>
#include <signal.h>
#include <stdlib.h>
#include "common.h"
UA_Boolean running = true;
static void stopHandler(int sig) {
UA_LOG_INFO(UA_Log_Stdout, UA_LOGCATEGORY_USERLAND, "received ctrl-c");
running = false;
}
int main(int argc, char* argv[]) {
signal(SIGINT, stopHandler);
signal(SIGTERM, stopHandler);
UA_ByteString certificate = UA_BYTESTRING_NULL;
UA_ByteString privateKey = UA_BYTESTRING_NULL;
#if defined(UA_ENABLE_ENCRYPTION_OPENSSL) || defined(UA_ENABLE_ENCRYPTION_LIBRESSL)
UA_LOG_INFO(UA_Log_Stdout, UA_LOGCATEGORY_USERLAND,
"Trying to create a certificate.");
UA_String subject[3] = { UA_STRING_STATIC("C=DE"),
UA_STRING_STATIC("O=SampleOrganization"),
UA_STRING_STATIC("CN=Open62541Server@localhost") };
UA_UInt32 lenSubject = 3;
UA_String subjectAltName[2] = {
UA_STRING_STATIC("DNS:localhost"),
UA_STRING_STATIC("URI:urn:open62541.server.application")
};
UA_UInt32 lenSubjectAltName = 2;
UA_StatusCode statusCertGen =
UA_CreateCertificate(UA_Log_Stdout,
subject, lenSubject,
subjectAltName, lenSubjectAltName,
0, UA_CERTIFICATEFORMAT_DER,
&privateKey, &certificate);
#else
return EXIT_SUCCESS;
#endif
}
#ifdef UA_ENABLE_WEBSOCKET_SERVER
UA_ServerConfig_addNetworkLayerWS(UA_Server_getConfig(server), 7681, 0, 0, &certificate, &privateKey);
#endif
cleanup:
UA_Server_delete(server);
return retval == UA_STATUSCODE_GOOD ? EXIT_SUCCESS : EXIT_FAILURE;
}
`
Used CMake options:
Checklist
Please provide the following information:
UA_LOGLEVEL
set as low as necessary) attachedTraceFile.zip
] Wireshark network dump attached
The text was updated successfully, but these errors were encountered: