如何创建正确的应用程序证书以与 OPC UA 服务器一起使用?


我正在尝试创建自己的 OPC UA 客户端。我正在使用 Nuget 包 OPCFoundation.NetStandard.Opc.Ua。为此,我使用了以下代码示例:

using System;
using System.Collections.Generic;
using System.Windows.Forms;

using Opc.Ua;   // Install-Package OPCFoundation.NetStandard.Opc.Ua
using Opc.Ua.Client;
using Opc.Ua.Configuration;

using System.Threading;

namespace Test_OPC_UA
{
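    /// <summary>
    /// Sample WinForms host for a minimal OPC UA client built on OPCFoundation.NetStandard.Opc.Ua.
    /// The form owns one <see cref="OPCUAClass"/>, which connects to a server, subscribes to the
    /// tags in <see cref="TagList"/> and (optionally) re-creates the session on a timer.
    /// </summary>
    public partial class Form1 : Form
    {
        // Encapsulates all OPC UA session/subscription handling for one server.
        OPCUAClass myOPCUAServer;

        // Tags to capture, keyed by display name. The subscription callback updates the TagClass
        // instances in place, so callers read current values straight out of this dictionary.
        Dictionary<String, Form1.OPCUAClass.TagClass> TagList = new Dictionary<String, Form1.OPCUAClass.TagClass>();


        public Form1()
        {
            InitializeComponent();

            // One entry per tag: a display name (any name you like) and the server-side node address.
            // The address is found by browsing the server's tree; this example's server exposes
            // M0401 -> CPU945 -> iBatchOutput.
            TagList.Add("TBC0401", new Form1.OPCUAClass.TagClass("TBC0401", "M0401.CPU945.iBatchOutput"));

            // Connect immediately. Some servers (Kepware among them) close idle sessions, so session
            // renewal is enabled here with a one-minute period.
            // NOTE: this overload connects over the unsecured (SecurityMode None) endpoint and does
            // NOT auto-accept untrusted server certificates; use the longer overload to change either.
            myOPCUAServer = new OPCUAClass("127.0.0.1", "49320", TagList, true, 1, "2");

            // Stop the renewer thread and close the session when the form goes away; otherwise the
            // background loop keeps the session open.
            this.FormClosed += (s, e) => myOPCUAServer?.Dispose();

            // Values arrive asynchronously through subscription notifications, so immediately after
            // construction these are still null/default. Poll later, or check
            // myOPCUAServer.InitialisationCompleted first.
            var tagCurrentValue = TagList["TBC0401"].CurrentValue;
            var tagLastGoodValue = TagList["TBC0401"].LastGoodValue;
            var lastTimeTagupdated = TagList["TBC0401"].LastUpdatedTime;
        }



        /// <summary>
        /// Owns an OPC UA session plus one subscription over the configured tags, and optionally a
        /// background thread that re-creates the session periodically or when the server goes quiet.
        /// Dispose it to stop the thread and close the session.
        /// </summary>
        public class OPCUAClass : IDisposable
        {
            // Seconds without a ServerStatus/CurrentTime notification before the server is treated as
            // dead and the session is re-created by the renewer thread.
            private const double ServerAliveTimeoutSeconds = 60;

            public string ServerAddress { get; set; }
            public string ServerPortNumber { get; set; }

            /// <summary>
            /// When true, endpoint selection prefers a secured endpoint; when false (the default) the
            /// SecurityMode None endpoint is used, i.e. no server authentication, confidentiality or
            /// integrity on the wire. Read on every (re)connect, so it also affects renewals.
            /// </summary>
            public bool SecurityEnabled { get; set; }

            /// <summary>
            /// Explicit opt-in to accept server certificates that fail validation with
            /// BadCertificateUntrusted. Default false. Accepting untrusted certificates removes server
            /// authentication from a secured endpoint: any host on the path can present its own
            /// certificate and the client will still complete the channel. Intended for lab use only;
            /// the proper fix is to copy the server certificate into the TrustedPeerCertificates store.
            /// </summary>
            public bool AutoAcceptUntrustedServerCertificates { get; set; }

            public string MyApplicationName { get; set; }
            public Session OPCSession { get; set; }
            public string OPCNameSpace { get; set; }
            public Dictionary<string, TagClass> TagList { get; set; }

            public bool SessionRenewalRequired { get; set; }
            public double SessionRenewalPeriodMins { get; set; }
            public DateTime LastTimeSessionRenewed { get; set; }

            /// <summary>
            /// Client-clock time at which the last ServerStatus/CurrentTime notification was received.
            /// Measured on the client (not the server's SourceTimestamp) so the liveness check does
            /// not depend on the two clocks being in sync.
            /// </summary>
            public DateTime LastTimeOPCServerFoundAlive { get; set; }
            public bool ClassDisposing { get; set; }
            public bool InitialisationCompleted { get; set; }
            private Thread RenewerTHread { get; set; }

            /// <summary>
            /// Original constructor: unsecured endpoint, untrusted server certificates rejected.
            /// </summary>
            public OPCUAClass(string serverAddres, string serverport, Dictionary<string, TagClass> taglist, bool sessionrenewalRequired, double sessionRenewalMinutes, string nameSpace)
                : this(serverAddres, serverport, taglist, sessionrenewalRequired, sessionRenewalMinutes, nameSpace, securityEnabled: false, autoAcceptUntrustedServerCertificates: false)
            {
            }

            /// <summary>
            /// Connects to opc.tcp://serverAddres:serverport, subscribes to every tag in taglist
            /// (node ids built as "ns={nameSpace};s={NodeID}") and, if requested, starts the renewer
            /// thread. Blocks the calling thread until the first session is created.
            /// </summary>
            /// <param name="serverAddres">Host name or IP of the OPC UA server.</param>
            /// <param name="serverport">TCP port of the opc.tcp endpoint.</param>
            /// <param name="taglist">Tags to monitor; updated in place by notifications.</param>
            /// <param name="sessionrenewalRequired">Start the background renewer thread.</param>
            /// <param name="sessionRenewalMinutes">Renewal period in minutes.</param>
            /// <param name="nameSpace">Namespace index used for every tag node id.</param>
            /// <param name="securityEnabled">Prefer a secured endpoint (see <see cref="SecurityEnabled"/>).</param>
            /// <param name="autoAcceptUntrustedServerCertificates">Lab-only opt-in, see <see cref="AutoAcceptUntrustedServerCertificates"/>.</param>
            /// <exception cref="ArgumentNullException">taglist is null.</exception>
            public OPCUAClass(string serverAddres, string serverport, Dictionary<string, TagClass> taglist, bool sessionrenewalRequired, double sessionRenewalMinutes, string nameSpace, bool securityEnabled, bool autoAcceptUntrustedServerCertificates)
            {
                if (taglist == null)
                {
                    throw new ArgumentNullException(nameof(taglist));
                }

                ServerAddress = serverAddres;
                ServerPortNumber = serverport;
                MyApplicationName = "MyApplication";
                TagList = taglist;
                SessionRenewalRequired = sessionrenewalRequired;
                SessionRenewalPeriodMins = sessionRenewalMinutes;
                OPCNameSpace = nameSpace;
                SecurityEnabled = securityEnabled;
                AutoAcceptUntrustedServerCertificates = autoAcceptUntrustedServerCertificates;
                LastTimeOPCServerFoundAlive = DateTime.Now;
                InitializeOPCUAClient();

                if (SessionRenewalRequired)
                {
                    LastTimeSessionRenewed = DateTime.Now;
                    // Background so a lingering renewer cannot keep the process alive after the UI exits.
                    RenewerTHread = new Thread(renewSessionThread) { IsBackground = true, Name = "OPCUA-SessionRenewer" };
                    RenewerTHread.Start();
                }
            }

            /// <summary>
            /// Stops the renewer thread and closes the session. Replaces the original finalizer, which
            /// could not run while the renewer thread still referenced this instance and which relied
            /// on Thread.Abort (unsupported on .NET Core / .NET 5+).
            /// </summary>
            public void Dispose()
            {
                if (ClassDisposing)
                {
                    return;
                }
                ClassDisposing = true;

                // The loop polls ClassDisposing every 2 s; give it a bounded time to exit on its own.
                if (RenewerTHread != null && RenewerTHread != Thread.CurrentThread)
                {
                    RenewerTHread.Join(TimeSpan.FromSeconds(5));
                }
                CloseSession();
            }

            // Closes and disposes the current session, logging (not swallowing) any failure.
            private void CloseSession()
            {
                Session session = OPCSession;
                OPCSession = null;
                if (session == null)
                {
                    return;
                }
                try
                {
                    session.Close();
                    session.Dispose();
                }
                catch (Exception ex)
                {
                    Console.WriteLine("Error closing OPC UA session: {0}", ex.Message);
                }
            }

            // Renewer loop: re-creates the session when the renewal period has elapsed or the server
            // has been silent for ServerAliveTimeoutSeconds. Runs until Dispose sets ClassDisposing.
            private void renewSessionThread()
            {
                while (!ClassDisposing)
                {
                    bool periodElapsed = (DateTime.Now - LastTimeSessionRenewed).TotalMinutes > SessionRenewalPeriodMins;
                    bool serverSilent = (DateTime.Now - LastTimeOPCServerFoundAlive).TotalSeconds > ServerAliveTimeoutSeconds;
                    if (periodElapsed || serverSilent)
                    {
                        Console.WriteLine("Renewing Session");
                        CloseSession();
                        try
                        {
                            InitializeOPCUAClient();
                            // Reset liveness after a successful connect; otherwise a server that stays
                            // silent would trigger a reconnect on every 2 s pass.
                            LastTimeOPCServerFoundAlive = DateTime.Now;
                        }
                        catch (Exception ex)
                        {
                            // An unhandled exception on this thread would terminate the process;
                            // log it and retry on the next pass instead.
                            Console.WriteLine("Session renewal failed: {0}", ex.Message);
                        }
                        LastTimeSessionRenewed = DateTime.Now;
                    }
                    Thread.Sleep(2000);
                }
            }



            /// <summary>
            /// Builds the client ApplicationConfiguration, ensures an application instance certificate
            /// exists, selects an endpoint, creates the session and a 1 s subscription over
            /// ServerStatus/CurrentTime plus every configured tag. Called from the constructor and from
            /// the renewer thread; blocks until the session exists.
            /// </summary>
            public void InitializeOPCUAClient()
            {
                var config = new ApplicationConfiguration()
                {
                    ApplicationName = MyApplicationName,
                    // NOTE(review): the URI and the certificate's DC= component embed the *server*
                    // address, so a different SubjectName is searched for (and presumably a new
                    // certificate generated) per server; the DC is normally the client host. Left as in
                    // the original because changing it changes which certificate is looked up.
                    ApplicationUri = Utils.Format(@"urn:{0}:" + MyApplicationName + "", ServerAddress),
                    ApplicationType = ApplicationType.Client,
                    SecurityConfiguration = new SecurityConfiguration
                    {
                        // %CommonApplicationData% is a Windows-style root; on Linux it may resolve to a
                        // path the client user cannot write, which surfaces as "ApplicationCertificate
                        // cannot be found" because no certificate could be created there.
                        ApplicationCertificate = new CertificateIdentifier { StoreType = @"Directory", StorePath = @"%CommonApplicationData%\OPC Foundation\CertificateStores\MachineDefault", SubjectName = Utils.Format(@"CN={0}, DC={1}", MyApplicationName, ServerAddress) },
                        TrustedIssuerCertificates = new CertificateTrustList { StoreType = @"Directory", StorePath = @"%CommonApplicationData%\OPC Foundation\CertificateStores\UA Certificate Authorities" },
                        TrustedPeerCertificates = new CertificateTrustList { StoreType = @"Directory", StorePath = @"%CommonApplicationData%\OPC Foundation\CertificateStores\UA Applications" },
                        RejectedCertificateStore = new CertificateTrustList { StoreType = @"Directory", StorePath = @"%CommonApplicationData%\OPC Foundation\CertificateStores\RejectedCertificates" },
                        // Off by default; see AutoAcceptUntrustedServerCertificates. A rejected server
                        // certificate lands in RejectedCertificateStore, from where it can be moved to
                        // TrustedPeerCertificates once verified out of band.
                        AutoAcceptUntrustedCertificates = AutoAcceptUntrustedServerCertificates,
                        AddAppCertToTrustedStore = true
                    },
                    TransportConfigurations = new TransportConfigurationCollection(),
                    TransportQuotas = new TransportQuotas { OperationTimeout = 15000 },
                    ClientConfiguration = new ClientConfiguration { DefaultSessionTimeout = 60000 },
                    TraceConfiguration = new TraceConfiguration()
                };
                config.Validate(ApplicationType.Client).GetAwaiter().GetResult();
                if (config.SecurityConfiguration.AutoAcceptUntrustedCertificates)
                {
                    // Only BadCertificateUntrusted is overridden (expired, revoked, wrong host etc. still
                    // fail), and every acceptance is logged so it is visible in the client's output.
                    config.CertificateValidator.CertificateValidation += (s, e) =>
                    {
                        e.Accept = (e.Error.StatusCode == StatusCodes.BadCertificateUntrusted);
                        if (e.Accept && e.Certificate != null)
                        {
                            Console.WriteLine("WARNING: accepting untrusted server certificate '{0}' (thumbprint {1})", e.Certificate.Subject, e.Certificate.Thumbprint);
                        }
                    };
                }

                var application = new ApplicationInstance
                {
                    ApplicationName = MyApplicationName,
                    ApplicationType = ApplicationType.Client,
                    ApplicationConfiguration = config
                };
                // Creates a self-signed 2048-bit application certificate in the MachineDefault store if
                // none with the configured SubjectName exists.
                application.CheckApplicationInstanceCertificate(false, 2048).GetAwaiter().GetResult();

                string endpointUrl = "opc.tcp://" + ServerAddress + ":" + ServerPortNumber + "";
                var selectedEndpoint = CoreClientUtils.SelectEndpoint(endpointUrl, useSecurity: SecurityEnabled, operationTimeout: 15000);

                // Anonymous identity, 60 s session timeout. Blocking call; on the UI thread this stalls
                // the form until the server answers or the 15 s operation timeout fires.
                OPCSession = Session.Create(config, new ConfiguredEndpoint(null, selectedEndpoint, EndpointConfiguration.Create(config)), false, "", 60000, null, null).GetAwaiter().GetResult();

                var subscription = new Subscription(OPCSession.DefaultSubscription) { PublishingInterval = 1000 };

                // i=2258 is Server/ServerStatus/CurrentTime; it ticks every publish and doubles as the
                // liveness signal for the renewer thread.
                var list = new List<MonitoredItem> { };
                list.Add(new MonitoredItem(subscription.DefaultItem) { DisplayName = "ServerStatusCurrentTime", StartNodeId = "i=2258" });

                foreach (KeyValuePair<string, TagClass> td in TagList)
                {
                    list.Add(new MonitoredItem(subscription.DefaultItem) { DisplayName = td.Value.DisplayName, StartNodeId = "ns=" + OPCNameSpace + ";s=" + td.Value.NodeID + "" });
                }

                list.ForEach(i => i.Notification += OnTagValueChange);
                subscription.AddItems(list);

                OPCSession.AddSubscription(subscription);
                subscription.Create();
            }


            /// <summary>
            /// Mutable holder for one monitored tag. Filled in by <see cref="OnTagValueChange"/>.
            /// </summary>
            public class TagClass
            {
                /// <param name="displayName">Name used as the dictionary key and MonitoredItem display name.</param>
                /// <param name="nodeID">String node identifier on the server (the "s=" part).</param>
                public TagClass(string displayName, string nodeID)
                {
                    DisplayName = displayName;
                    NodeID = nodeID;
                }

                // Client-clock time of the last non-null value.
                public DateTime LastUpdatedTime { get; set; }

                // Server SourceTimestamp of the last non-null value, converted to local time.
                public DateTime LastSourceTimeStamp { get; set; }

                // StatusCode of the most recent notification, as text.
                public string StatusCode { get; set; }

                // Last non-null value seen; survives a later null notification.
                public string LastGoodValue { get; set; }
                // Most recent value; null when the server last reported no value.
                public string CurrentValue { get; set; }
                public string NodeID { get; set; }

                public string DisplayName { get; set; }
            }


            /// <summary>
            /// Subscription callback. Records liveness for the ServerStatus item and copies each tag's
            /// value, timestamps and status into the matching <see cref="TagClass"/>. Invoked on a stack
            /// thread, not the UI thread.
            /// </summary>
            public void OnTagValueChange(MonitoredItem item, MonitoredItemNotificationEventArgs e)
            {
                foreach (var value in item.DequeueValues())
                {
                    if (string.Equals(item.DisplayName, "ServerStatusCurrentTime", StringComparison.Ordinal))
                    {
                        // Client receive time, not value.SourceTimestamp: comparing the server's clock
                        // against DateTime.Now in the renewer would force endless reconnects on skew.
                        LastTimeOPCServerFoundAlive = DateTime.Now;
                        continue;
                    }

                    if (value.Value != null)
                        Console.WriteLine("{0}: {1}, {2}, {3}", item.DisplayName, value.Value.ToString(), value.SourceTimestamp.ToLocalTime(), value.StatusCode);
                    else
                        Console.WriteLine("{0}: {1}, {2}, {3}", item.DisplayName, "Null Value", value.SourceTimestamp, value.StatusCode);

                    TagClass tag;
                    if (!TagList.TryGetValue(item.DisplayName, out tag))
                    {
                        continue;
                    }

                    tag.StatusCode = value.StatusCode.ToString();
                    if (value.Value != null)
                    {
                        string text = value.Value.ToString();
                        tag.LastGoodValue = text;
                        tag.CurrentValue = text;
                        tag.LastUpdatedTime = DateTime.Now;
                        tag.LastSourceTimeStamp = value.SourceTimestamp.ToLocalTime();
                    }
                    else
                    {
                        tag.CurrentValue = null;
                    }
                }
                InitialisationCompleted = true;
            }

        }

    }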
}

有效。但是我需要连接到另一个 OPC UA 服务器,我开始收到一条错误消息:找不到 ApplicationCertificate。 它发生在这一行:OPCSession = Session.Create(... 我很确定问题是应用程序证书没有正确创建。我说的是这一行:

ApplicationCertificate = new CertificateIdentifier { StoreType = @"Directory", StorePath = @"%CommonApplicationData%\OPC Foundation\CertificateStores\MachineDefault", SubjectName = Utils.Format(@"CN={0}, DC={1}", MyApplicationName, ServerAddress) },

我怎样才能知道如何为特定的 OPC UA 服务器正确创建证书?或者问题可能出在其他地方?

UPD:如果重要的话,客户端在 Debian 虚拟机上,服务器在真正的 Windows 10 机器上。


在 linux 上,建议使用

LocalApplicationData
而不是
CommonApplicationData
解释here

使用

CertificateIdentifier
将搜索带有“MySubjectName”的证书:

ApplicationCertificate = new CertificateIdentifier { StoreType = @"Directory", StorePath = @"%LocalApplicationData%/OPCFoundation/CertificateStores/MachineDefault", SubjectName = "MySubjectName" },

如果不存在,将创建一个。

LocalApplicationData
的文件夹路径是:

ENM: System.Environment.SpecialFolder.LocalApplicationData
WIN: C:\Users\USER\AppData\Local
LIN: /home/USER/.local/share
OSX: /Users/USER/.local/share

要确保您所在的位置是 OPCFoundation 文件夹,您可以这样做:

Console.WriteLine("My LocalApplicationData folder: " + Environment.GetFolderPath( Environment.SpecialFolder.LocalApplicationData));

这是它保存的位置。所以在

user/.local/share/OPCFoundation/CertificateStores/MachineDefault/certs
中是.der证书,在
/private
文件夹中是.pfx

确保运行客户端的那个用户对这些目录有读/写权限。不要使用 `sudo chmod -R 777 /home` 这类命令:递归地把整个 /home 设为所有人可读写,会让本机任何用户都能读取 private/ 目录下的 .pfx(即客户端的私钥)并篡改信任库。正确做法是以运行客户端的用户身份创建目录,并收紧权限,例如:

mkdir -p ~/.local/share/OPCFoundation/CertificateStores
chmod -R go-rwx ~/.local/share/OPCFoundation/CertificateStores

如果这样还不行(通常应该可以),您可以尝试直接加载证书文件(.p12)。注意:不要像下面示例那样把 PFX 密码硬编码在源码里或提交到版本库;应从受保护的配置或环境变量读取,并确保 .p12 文件只有运行客户端的用户可读:

var appCertificate = new X509Certificate2(@".folderpath/certs/CertificateName.p12", "password");
application.ApplicationConfiguration.SecurityConfiguration.ApplicationCertificate = new(appCertificate);

我不推荐这个

如果您想完全禁用证书(即使用 SecurityMode None 的端点):

请先明确这意味着什么:没有服务器身份验证、没有加密也没有完整性保护,网络上的任何人都能读取和篡改标签值。这只适合隔离的测试网络。另外要注意,问题中的代码把 AutoAcceptUntrustedCertificates 设为 true 并在验证回调里接受所有 BadCertificateUntrusted,这本身就已经绕过了服务器身份校验——即便走"安全"端点,客户端也会接受任何服务器证书。请先确认您的服务器允许无安全连接,然后在

useSecurity
中禁用
SelectEndpoint

public bool SecurityEnabled { get; set; }
SecurityEnabled = false;
var selectedEndpoint = CoreClientUtils.SelectEndpoint("opc.tcp://" + serverAddress + ":" + ServerPortNumber + "", useSecurity: SecurityEnabled, operationTimeout: 15000);

我在这篇文章中做了一个没有证书和凭据的小例子:点击这里
