View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0009065 | 10000-012: Discovery | Spec | public | 2023-07-31 21:18 | 2024-05-07 16:40 |
| Reporter | Jack Visoky | Assigned To | Randy Armstrong | ||
| Priority | normal | Severity | feature | Reproducibility | always |
| Status | closed | Resolution | fixed | ||
| Fixed in Version | 1.05.04 RC1 | ||||
| Summary | 0009065: Standard way to tell what certificate a GDS certificate manager is managing | ||||
| Description | There is a need to enhance the Part 12 Certificate Manager functionality to provide a standard way to know what uses the certificate being managed. For example, there could be an application with both a client and server. In one case the client and server might share a certificate, and in another case they may want to have separate certificates. Having a way to tell this would help a GDS know how to behave. Note that the example described a simple case, but even more complex would be where there are multiple clients/servers that might be sharing a certificate. Whatever mechanism is used must be able to cover these more complex cases. | ||||
| Tags | No tags attached. | ||||
| Commit Version | 1.05.04 RC | ||||
| Fix Due Date | 2023-11-01 | ||||
| related to | 0007928 | closed | Randy Armstrong | No way to get the certificate of a registered application that has a signed certificate from the GDS. |
|
|
Not clear what is needed. Each certificate has the same application uri so a client and server with the application uri have to use the same certificate. |
|
|
I think this is related to an option to expose more applications managed through the server. If the application type is ClientAndServer, the certificate(s) managed through the DefaultApplicationGroup on the ServerConfiguration is used for the server and the client part of the application. But if the client(s) are independent of the server certificate, there is no way to expose / manage the clients. There was a plan to do this at the time we added Part 21 but this was never completed. In Part 21 there is a definition how applications can be exposed below Resources/ProvisionableDevice. But I think this is bound to the DCA and device provisioning. A similar concept can be used to expose applications (OPC UA Clients, Web Server) that can be managed through the OPC UA Server and allow PUSH of certificates and trust lists. |
|
|
Resolved with ManagedApplications Folder and moving ApplicationConfigurationType from Part 21 to Part 12. |
|
|
Agreed in web meeting |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2023-07-31 21:18 | Jack Visoky | New Issue | |
| 2023-08-01 16:37 | Jim Luth | Assigned To | => Randy Armstrong |
| 2023-08-01 16:37 | Jim Luth | Status | new => assigned |
| 2023-08-01 16:37 | Jim Luth | Relationship added | related to 0007928 |
| 2023-08-01 16:38 | Jim Luth | Commit Version | => 1.05.04 RC |
| 2023-08-01 16:38 | Jim Luth | Fix Due Date | => 2023-11-01 |
| 2024-03-17 05:42 | Randy Armstrong | Note Added: 0020908 | |
| 2024-03-17 05:43 | Randy Armstrong | Status | assigned => feedback |
| 2024-03-17 22:30 | Matthias Damm | Note Added: 0020916 | |
| 2024-05-07 16:39 | Randy Armstrong | Status | feedback => resolved |
| 2024-05-07 16:39 | Randy Armstrong | Resolution | open => fixed |
| 2024-05-07 16:39 | Randy Armstrong | Note Added: 0021176 | |
| 2024-05-07 16:40 | Jim Luth | Status | resolved => closed |
| 2024-05-07 16:40 | Jim Luth | Fixed in Version | => 1.05.04 RC1 |
| 2024-05-07 16:40 | Jim Luth | Note Added: 0021177 |
