For reasons of clarity the previous lessons of this tutorial passed on loading the client certificate. We are going to make up this in the present lesson.
UaStatus setupSecurity(SessionSecurityInfo& sessionSecurityInfo)
{
UaString sCertificateRevocationListLocation;
#ifdef _WIN32
char szAppPath[MAX_PATH];
char* pszAppPath = szAppPath;
GetModuleFileNameA(0, szAppPath, MAX_PATH);
int len = strlen(szAppPath);
pszAppPath += len;
for ( int ii=0; ii<len; ii++ )
{
pszAppPath--;
if ( *pszAppPath == '\\' )
{
*pszAppPath = 0;
break;
}
}
sAppPath += "\\";
sCertificateRevocationListLocation = sAppPath;
sCertificateRevocationListLocation += CertificateRevocationListLocation;
sCertificateTrustListLocation = sAppPath;
sCertificateTrustListLocation += CertificateTrustListLocation;
sClientCertificateFile = sAppPath;
sClientCertificateFile += CLIENT_CERT_LOCATION;
sClientPrivateKeyFile = sAppPath;
sClientPrivateKeyFile += CLIENT_PKEY_LOCATION;
sServerCertificateFile = sAppPath;
sServerCertificateFile += SERVER_CERT_LOCATION;
#else
sCertificateRevocationListLocation = CertificateRevocationListLocation;
sCertificateTrustListLocation = CertificateTrustListLocation;
sClientCertificateFile = CLIENT_CERT_LOCATION;
sClientPrivateKeyFile = CLIENT_PKEY_LOCATION;
sServerCertificateFile = SERVER_CERT_LOCATION;
#endif
uStatus = sessionSecurityInfo.initializePkiProviderOpenSSL(
sCertificateRevocationListLocation,
sCertificateTrustListLocation);
{
printf("*******************************************************\n");
printf("** setupSecurity failed!\n");
printf("** Could not initialize PKI\n");
printf("*******************************************************\n");
return uStatus;
}
uStatus = sessionSecurityInfo.loadClientCertificateOpenSSL(
sClientCertificateFile,
sClientPrivateKeyFile);
{
printf("*******************************************************\n");
printf("** setupSecurity failed!\n");
printf("** Could not load Client certificate\n");
printf("** Connect will work only without security\n");
printf("*******************************************************\n");
return uStatus;
}
uStatus = sessionSecurityInfo.loadServerCertificateOpenSSL(sServerCertificateFile);
{
printf("*******************************************************\n");
printf("** setupSecurity failed!\n");
printf("** Could not load Server certificate\n");
printf("*******************************************************\n");
}
return uStatus;
}