The ClientSecurityInfo class contains the security related settings to create a secure channel.
More...
#include <uaclientsdk.h>
Inherited by UaClientSdk::SessionSecurityInfo.
The ClientSecurityInfo class contains the security related settings to create a secure channel.
| UaClientSdk::ClientSecurityInfo::ClientSecurityInfo |
( |
| ) |
|
Constructs a client security info object with initial values.
sSecurityPolicy = OpcUa_SecurityPolicy_None
messageSecurityMode = OpcUa_MessageSecurityMode_None
No PKI provider
| UaStatusCode UaClientSdk::ClientSecurityInfo::initializePkiProviderHttps |
( |
const UaString & |
sHttpsIssuersRevocationListLocation, |
|
|
const UaString & |
sHttpsIssuersCertificatesLocation |
|
) |
| |
Initialize the PKI provider to use for validating HTTPS certificates.
This is needed when connecting to servers via HTTPS.
- Returns
- Status code
- Parameters
-
| [in] | sHttpsIssuersRevocationListLocation | The folder where revocation lists for HTTPS CAs are stored. |
| [in] | sHttpsIssuersCertificatesLocation | The folder where HTTPS certificates are stored. |
| UaStatusCode UaClientSdk::ClientSecurityInfo::initializePkiProviderOpenSSL |
( |
const UaString & |
sCertificateRevocationListLocation, |
|
|
const UaString & |
sCertificateTrustListLocation |
|
) |
| |
Initialize the PKI provider to use the file based OpenSSL certificate store.
- Returns
- Status code
- Parameters
-
| [in] | sCertificateRevocationListLocation | The folder where revocation lists for trusted CAs should be stored. Files must be single DER encoded CRLs having the file ending .der or single PEM encoded CRLs having the file ending .pem. |
| [in] | sCertificateTrustListLocation | The folder where certificates of trusted applications and trusted Certificate Autorities (CAs) should be stored. Files must be single DER encoded certificates having the file ending .der. |
| UaStatusCode UaClientSdk::ClientSecurityInfo::initializePkiProviderOpenSSL |
( |
const UaString & |
sCertificateRevocationListLocation, |
|
|
const UaString & |
sCertificateTrustListLocation, |
|
|
const UaString & |
sIssuersRevocationListLocation, |
|
|
const UaString & |
sIssuersCertificatesLocation |
|
) |
| |
Initialize the PKI provider to use the file based OpenSSL certificate store.
- Returns
- Status code
- Parameters
-
| [in] | sCertificateRevocationListLocation | The folder where revocation lists for trusted CAs should be stored. Files must be single DER encoded CRLs having the file ending .der or single PEM encoded CRLs having the file ending .pem. |
| [in] | sCertificateTrustListLocation | The folder where certificates of trusted applications and trusted Certificate Autorities (CAs) should be stored. Files must be single DER encoded certificates having the file ending .der. |
| [in] | sIssuersRevocationListLocation | The folder where revocation lists for issuer CAs should be stored |
| [in] | sIssuersCertificatesLocation | The folder where issuer certificates are stored. Issuer certificates are CA certificates necessary for the verification of the full trust chain of CA certificates in the trust list |
| UaStatusCode UaClientSdk::ClientSecurityInfo::initializePkiProviderWindows |
( |
WindowsStoreLocation |
certificateStoreLocation, |
|
|
const UaString & |
sCertificateStoreName |
|
) |
| |
Initialize the PKI provider to use the Windows certificate store.
- Returns
- Status code.
- Parameters
-
| [in] | certificateStoreLocation | Windows certificate store location used like Location_LocalMachine or Location_CurrentUser |
| [in] | sCertificateStoreName | Name of the windows certificate store where certificates of trusted applications and trusted CAs should be stored |
| UaStatusCode UaClientSdk::ClientSecurityInfo::initializePkiProviderWindows |
( |
WindowsStoreLocation |
certificateStoreLocation, |
|
|
const UaString & |
sCertificateStoreName, |
|
|
const UaString & |
sIssuersCertificateStoreName |
|
) |
| |
Initialize the PKI provider to use the Windows certificate store.
- Returns
- Status code.
- Parameters
-
| [in] | certificateStoreLocation | Windows certificate store location used like Location_LocalMachine or Location_CurrentUser |
| [in] | sCertificateStoreName | Name of the windows certificate store where certificates of trusted applications and trusted CAs should be stored |
| [in] | sIssuersCertificateStoreName | Name of the windows certificate store where issuer certificates are stored. Issuer certificates are CA certificates necessary for the verification of the full trust chain of CA certificates in the trust list |
| UaStatusCode UaClientSdk::ClientSecurityInfo::loadClientCertificateOpenSSL |
( |
const UaString & |
sClientCertificate, |
|
|
const UaString & |
sClientPrivateKey |
|
) |
| |
Load client certificate and client private key using the file based OpenSSL certificate store.
- Returns
- Status code.
- Parameters
-
| [in] | sClientCertificate | Path and file name of the client certificate (public key). Certificates have to be stored in DER format (with file extension .der). |
| [in] | sClientPrivateKey | Path and file name of the client private key. The private key is encoded in PEM format (with .pem as file extension). |
| UaStatusCode UaClientSdk::ClientSecurityInfo::loadClientCertificateWindows |
( |
const UaString & |
sCertificateThumbprint | ) |
|
Load client certificate and client private key using the Windows certificate store.
- Returns
- Status code.
- Parameters
-
| [in] | sCertificateThumbprint | Name of the certificate in the Windows store. The CommonName field set during certificate generation is used as name. |
| UaByteString UaClientSdk::ClientSecurityInfo::clientCertificate |
Client certificate (public key).
This parameter can contain the leaf certificate only or a certificate chain.
The message security mode used for the connection.
Possible values are:
- OpcUa_MessageSecurityMode_None
- OpcUa_MessageSecurityMode_Sign
- OpcUa_MessageSecurityMode_SignAndEncrypt
| UaString UaClientSdk::ClientSecurityInfo::sSecurityPolicy |
The name of the security policy used for the connection.
| Value | String Representation |
| OpcUa_SecurityPolicy_None | "http://opcfoundation.org/UA/SecurityPolicy#None" for security disabled |
| OpcUa_SecurityPolicy_Basic128Rsa15 | "http://opcfoundation.org/UA/SecurityPolicy#Basic128Rsa15" |
| OpcUa_SecurityPolicy_Basic256 | "http://opcfoundation.org/UA/SecurityPolicy#Basic256" |
| OpcUa_SecurityPolicy_Basic256Sha256 | "http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256" |
The documentation for this class was generated from the following files:
- C:/work/uasdkcpp/src/uaclient/uaclientcpp/uaclientsdk.h
- C:/work/uasdkcpp/src/uaclient/uaclientcpp/uaclientsdk.cpp
