The interface for methods implemented on the ServerConfigurationModel object. More...

Inherited by UnifiedAutomation.UaServer.ServerManager.

Public Member Functions
StatusCode	ApplyChanges (RequestContext context, ServerConfigurationModel model)
	Used to tell the Server to apply any security changes. More...

StatusCode	CreateSigningRequest (RequestContext context, ServerConfigurationModel model, NodeId CertificateGroupId, NodeId CertificateTypeId, string SubjectName, bool RegeneratePrivateKey, byte[] Nonce, out byte[] CertificateRequest)
	Asks the Server to create a PKCS#10 DER encoded certificate request that is signed with the Server’s private key. More...

StatusCode	GetRejectedList (RequestContext context, ServerConfigurationModel model, out byte[][] Certificates)
	Returns the list of Certificates that have been rejected by the Server. More...

StatusCode	UpdateCertificate (RequestContext context, ServerConfigurationModel model, NodeId CertificateGroupId, NodeId CertificateTypeId, byte[] Certificate, byte[][] IssuerCertificates, string PrivateKeyFormat, byte[] PrivateKey, out bool ApplyChangesRequired)
	Used to update a certificate for a Server. More...

Detailed Description

The interface for methods implemented on the ServerConfigurationModel object.

Member Function Documentation

StatusCode UnifiedAutomation.UaServer.IServerConfigurationMethods.ApplyChanges	(	RequestContext	context,
		ServerConfigurationModel	model
	)

Used to tell the Server to apply any security changes.

This method should only be called if a previous call to a method that changed the configuration returns ApplyChangesRequired=true (see UnifiedAutomation.UaServer.IServerConfigurationMethods.UpdateCertificate ).

ApplyChanges can have different meanings depending on the Server architecture. In the ideal case it would only require the endpoints to be closed and reopened. However, it could require a complete Server shutdown and restart.

This method requires an encrypted channel and that the Client provides credentials with administrative rights on the Server.

Method Result Codes

Result Code	Description
Bad_UserAccessDenied	The current user does not have the rights required.

Parameters

context
model

Returns

Implemented in UnifiedAutomation.UaServer.ServerManager.

StatusCode UnifiedAutomation.UaServer.IServerConfigurationMethods.CreateSigningRequest	(	RequestContext	context,
		ServerConfigurationModel	model,
		NodeId	CertificateGroupId,
		NodeId	CertificateTypeId,
		string	SubjectName,
		bool	RegeneratePrivateKey,
		byte[]	Nonce,
		out byte[]	CertificateRequest
	)

Asks the Server to create a PKCS#10 DER encoded certificate request that is signed with the Server’s private key.

This request can be then used to request a certificate from a CA that expects requests in this format. See RFC 2986 (txt file) for a description of PKCS#10.

This method requires an encrypted channel and that the Client provides credentials with administrative rights on the Server.

Method Result Codes

Result Code	Description
Bad_InvalidArgument	The CertificateTypeId, certificateGroupId or SubjectName is not valid.
Bad_UserAccessDenied	The current user does not have the rights required.

Parameters

context
model
CertificateGroupId	The NodeId of the certificate group object which is affected by the request. If null, the UnifiedAutomation.UaServer.CertificateGroupFolderModel.DefaultApplicationGroup is used.
CertificateTypeId	The type of certificate being requested. The set of permitted types is specified by the UnifiedAutomation.UaServer.CertificateGroupModel.CertificateTypes property belonging to the certificate group.
SubjectName	The subject name to use in the certificate request. If not specified, the SubjectName from the current certificate is used.
RegeneratePrivateKey	Flag indicating whether to create a new private key. If TRUE, the Server shall create a new private key which it stores until the matching signed certificate is uploaded with the UnifiedAutomation.UaServer.IServerConfigurationMethods.UpdateCertificate method. Previously created private keys may be discarded if UnifiedAutomation.UaServer.IServerConfigurationMethods.UpdateCertificate was not called before calling this method again. If FALSE, the Server uses its existing private key.
Nonce	Additional entropy which the caller shall provide if RegeneratePrivateKey is TRUE. It shall be at least 32 bytes long.
CertificateRequest	The PKCS#10 DER encoded certificate request.

Returns

Implemented in UnifiedAutomation.UaServer.ServerManager.

StatusCode UnifiedAutomation.UaServer.IServerConfigurationMethods.GetRejectedList	(	RequestContext	context,
		ServerConfigurationModel	model,
		out byte	Certificates[][]
	)

Returns the list of Certificates that have been rejected by the Server.

No rules are defined for how the Server updates this list or how long a certificate is kept in the list. It is recommended that every valid but untrusted certificate be added to the rejected list as long as storage is available. Servers should omit older entries from the list returned if the maximum message size is not large enough to allow the entire list to be returned.

This method requires an encrypted channel and that the Client provides credentials with administrative rights on the Server.

Method Result Codes

Result Code	Description
Bad_UserAccessDenied	The current user does not have the rights required.

Parameters

context
model
Certificates	The DER encoded form of the Certificates rejected by the Server.

Returns

Implemented in UnifiedAutomation.UaServer.ServerManager.

StatusCode UnifiedAutomation.UaServer.IServerConfigurationMethods.UpdateCertificate	(	RequestContext	context,
		ServerConfigurationModel	model,
		NodeId	CertificateGroupId,
		NodeId	CertificateTypeId,
		byte[]	Certificate,
		byte	IssuerCertificates[][],
		string	PrivateKeyFormat,
		byte[]	PrivateKey,
		out bool	ApplyChangesRequired
	)

Used to update a certificate for a Server.

There are the following three use cases for this method.

The new certificate was created based on a signing request created with the method UnifiedAutomation.UaServer.IServerConfigurationMethods.CreateSigningRequest . In this case, there is no PrivateKey provided.
A new PrivateKey and certificate were created outside the Server and both are updated with this method.
A new certificate was created and signed with the information from the old Certificate. In this case, there is no PrivateKey provided.

The Server shall do all normal integrity checks on the certificate and all of the issuer certificates. If errors occur, the Bad_SecurityChecksFailed error is returned.

The Server shall report an error if the public key does not match the existing certificate and PrivateKey was not provided.

This method requires an encrypted channel and that the Client provides credentials with administrative rights on the Server.

This method may require the UnifiedAutomation.UaServer.IServerConfigurationMethods.ApplyChanges method to be called.

Method Result Codes

Result Code	Description
Bad_InvalidArgument	The CertificateTypeId or certificateGroupId is not valid.
Bad_CertificateInvalid	The certificate is invalid or the format is not supported.
Bad_NotSupported	The PrivateKey is invalid or the format is not supported.
Bad_UserAccessDenied	The current user does not have the rights required.
Bad_SecurityChecksFailed	Some failure occurred verifying the integrity of the certificate.

Parameters

context
model
CertificateGroupId	The NodeId of the certificate group object which is affected by the update. If null the DefaultApplicationGroup is used.
CertificateTypeId	The type of certificate being updated. The set of permitted types is specified by the UnifiedAutomation.UaServer.CertificateGroupModel.CertificateTypes property belonging to the certificate group.
Certificate	The DER encoded certificate which replaces the existing certificate.
IssuerCertificates	The issuer certificates needed to verify the signature on the new certificate.
PrivateKeyFormat	The format of the private key (PEM or PFX). If the privateKey is not specified the privateKeyFormat is null or empty.
PrivateKey	The private key encoded in the PrivateKeyFormat.
ApplyChangesRequired	Indicates that the UnifiedAutomation.UaServer.IServerConfigurationMethods.ApplyChanges method must be called before the new certificate will be used.

Returns

Implemented in UnifiedAutomation.UaServer.ServerManager.

The documentation for this interface was generated from the following file:

D:/work/uasdknet/src/UaServer/Models/UaBaseClasses.cs

Public Member Functions

Detailed Description

Member Function Documentation