-
Notifications
You must be signed in to change notification settings - Fork 922
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Auto accept untrusted certificates for client does not work #1228
Comments
Hi @davidguidali, this behaviour as you describe it is known since a long time. |
PR #1380 should fix this... |
You can use autoaccept field in the uaclient contructor for auto accepting the untrusted certificates if you want server specific granularity: |
yes, this is fixed |
Hi there
I have a problem / question and am wondering what I'm doing wrong. I've created my own simple opcua server and client using your library as a base.
First I let it run on my PC as two separate processes and everything worked fine, the client was able to connect to the server without any problems.
Afterwards, I tried to put the server into a docker container connect to it with the client, but now the server gave me a BadUntrustedCertificate error, since he didn't trust the clients certificate. To fix this, I set the AutoAcceptUntrustedCertificates flag in the server config file to true, rebuild the docker image and tried again (I'm just using this for testing reasons so no need for certificate trust).
The server now accepted my clients certificate, however, the client did not accept the servers certificate and gave me the same BadUntrustedCertificate. OK no problem I thought, just set the AutoAcceptUntrustedCertificates flag of the client config also to true. But this time, this change did not fix the error. Even though the AutoAcceptUntrustedCertificates is set to true in the clients configuration, the client is still rejecting the servers certificate!
I found a workaoround by subscribing to the CertificateValidation event of the clients CertificateValidator and setting e.Accept = true inside the event method, but I'm still asking if there is anything else to do to make the AutoAcceptUntrustedCertificates work for the client?
The text was updated successfully, but these errors were encountered: