View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
000457410000-006: MappingsSpecpublic2019-01-02 12:012020-06-18 17:07
ReporterMatthias Damm Assigned ToRandy Armstrong  
PriorityhighSeveritymajorReproducibilityhave not tried
Status closedResolutionfixed 
Summary0004574: Undefined status code Bad_CertificateUnknown used in Part 6
Description

In OPC UA Part 6 - 6.7.6 Verifying Message Security, the status code Bad_CertificateUnknown is used but this status code is not defined and not contained in the list of status code that is attached to Part 6.

Definition:
The receiver shall verify the ReceiverCertificateThumbprint and report a Bad_CertificateUnknown error if it does not recognize it.

The code is also used in Table 55 – OPC UA Connection Protocol error codes.

Since the code is not defined and not in generated code, it cannot be used by existing implementations. The one implementation I tried uses Bad_CertificateInvalid instead.

I think we should verify what different implementations are using and maybe adjust the spec...

This error shows up if the server certificate is updated by a GDS and the client is still using the old server certificate.

TagsNo tags attached.
Commit Version
Fix Due Date

Relationships

related to 0005465 closedRandy Armstrong Security check description is incorrect 

Activities

Randy Armstrong

2019-02-27 22:55

administrator   ~0009979

Bad_CertificateUntrusted is defined:
https://github.com/OPCFoundation/UA-Nodeset/blob/bc61faa49c34dceac85a7b5597da4b0e90bc3687/Schema/StatusCode.csv

Matthias Damm

2019-03-05 16:06

developer   ~0010007

The proposed resolution is to replace Bad_CertificateUnknown with Bad_CertificateInvalid

Randy Armstrong

2019-04-05 23:45

administrator   ~0010136

Changed to Bad_CertificateInvalid in OPC UA Part 6 - Mappings Draft 1.05.06 Specification.docx

Randy Armstrong

2020-04-21 15:20

administrator   ~0011954

Reviewed and closed on Apr 21st Call.

Randy Armstrong

2020-04-21 16:38

administrator   ~0011963

Need errata.

Randy Armstrong

2020-06-17 03:41

administrator   ~0012368

Published in Errata 1.04.2.

Jim Luth

2020-06-18 17:07

administrator   ~0012431

Agreed to changes and Errata in virtual F2F.

Issue History

Date Modified Username Field Change
2019-01-02 12:01 Matthias Damm New Issue
2019-02-27 22:55 Randy Armstrong Note Added: 0009979
2019-02-28 14:40 Matthias Damm Summary Undefined status code Bad_CertificateUntrusted used in Part 6 => Undefined status code Bad_CertificateUnknown used in Part 6
2019-02-28 14:40 Matthias Damm Description Updated
2019-03-05 16:05 Matthias Damm Assigned To => Randy Armstrong
2019-03-05 16:05 Matthias Damm Status new => assigned
2019-03-05 16:06 Matthias Damm Note Added: 0010007
2019-04-05 23:45 Randy Armstrong Status assigned => resolved
2019-04-05 23:45 Randy Armstrong Resolution open => fixed
2019-04-05 23:45 Randy Armstrong Note Added: 0010136
2020-04-21 15:20 Randy Armstrong Status resolved => closed
2020-04-21 15:20 Randy Armstrong Note Added: 0011954
2020-04-21 16:38 Randy Armstrong Status closed => assigned
2020-04-21 16:38 Randy Armstrong Note Added: 0011963
2020-04-21 17:04 Matthias Damm Relationship added related to 0005465
2020-06-17 03:41 Randy Armstrong Status assigned => resolved
2020-06-17 03:41 Randy Armstrong Note Added: 0012368
2020-06-18 17:07 Jim Luth Status resolved => closed
2020-06-18 17:07 Jim Luth Fixed in Version => 1.05
2020-06-18 17:07 Jim Luth Note Added: 0012431