/// <summary>
        /// Creates a ListOfSecurityProfiles object.
        /// </summary>
        /// <param name="policies">Server security policies whose URIs switch the matching profiles on; may be null.</param>
        /// <returns>One profile per known policy URI (None, Basic128Rsa15, Basic256, Basic256Sha256), enabled where a policy matches.</returns>
        /// <remarks>
        /// Only the policy URI is compared; the message security mode of each policy is not looked at here.
        /// Basic128Rsa15 and Basic256 are deprecated by the OPC UA specification (both depend on SHA-1), and
        /// None provides neither signing nor encryption, so entries that come back enabled for those URIs
        /// deserve a review before the resulting list is used to configure a server.
        /// </remarks>
        public static ListOfSecurityProfiles ToListOfSecurityProfiles(ServerSecurityPolicyCollection policies)
        {
            // The fixed catalogue of profiles, in the order they are reported.
            string[] knownPolicyUris =
            {
                SecurityPolicies.None,
                SecurityPolicies.Basic128Rsa15,
                SecurityPolicies.Basic256,
                SecurityPolicies.Basic256Sha256
            };

            var result = new ListOfSecurityProfiles();

            foreach (string policyUri in knownPolicyUris)
            {
                result.Add(CreateProfile(policyUri));
            }

            if (policies == null)
            {
                return result;
            }

            // Flag every catalogue entry whose URI is used by at least one configured policy.
            foreach (var policy in policies)
            {
                foreach (var profile in result)
                {
                    if (policy.SecurityPolicyUri == profile.ProfileUri)
                    {
                        profile.Enabled = true;
                    }
                }
            }

            return result;
        }
        /// <summary>
        /// Add security policy if it doesn't exist yet.
        /// </summary>
        /// <param name="policies">The collection to which the policies are added.</param>
        /// <param name="securityMode">The message security mode.</param>
        /// <param name="policyUri">The security policy Uri.</param>
        /// <returns>True when the policy was appended; false when an entry with the same mode and URI was already present.</returns>
        /// <exception cref="ArgumentException">Thrown when <paramref name="securityMode"/> is <c>MessageSecurityMode.Invalid</c>.</exception>
        private bool InternalAddPolicy(ServerSecurityPolicyCollection policies, MessageSecurityMode securityMode, string policyUri)
        {
            if (securityMode == MessageSecurityMode.Invalid)
            {
                throw new ArgumentException("Invalid security mode selected", nameof(securityMode));
            }

            // NOTE(review): policyUri is stored as given; it is not checked against the known policy URIs here.
            var candidate = new ServerSecurityPolicy()
            {
                SecurityMode      = securityMode,
                SecurityPolicyUri = policyUri
            };

            // A duplicate is an entry with the same mode and the same URI (ordinal, case-sensitive).
            var existing = policies.Find(entry =>
                entry.SecurityMode == candidate.SecurityMode &&
                string.Equals(entry.SecurityPolicyUri, candidate.SecurityPolicyUri, StringComparison.Ordinal));

            if (existing != null)
            {
                return false;
            }

            policies.Add(candidate);
            return true;
        }
        /// <summary>
        /// Creates a ServerSecurityPolicyCollection object.
        /// </summary>
        /// <param name="profiles">Profiles to convert; only entries with Enabled set are used. May be null.</param>
        /// <returns>A collection with one policy per enabled profile, never empty.</returns>
        /// <remarks>
        /// When no profile is enabled (or <paramref name="profiles"/> is null) the result falls back to a single
        /// SecurityPolicies.None entry. Callers that must not expose an unsecured endpoint have to check for
        /// that fallback themselves; this method does not signal it.
        /// </remarks>
        public static ServerSecurityPolicyCollection FromListOfSecurityProfiles(ListOfSecurityProfiles profiles)
        {
            var result = new ServerSecurityPolicyCollection();

            if (profiles != null)
            {
                foreach (var profile in profiles)
                {
                    if (!profile.Enabled)
                    {
                        continue;
                    }

                    result.Add(CreatePolicy(profile.ProfileUri));
                }
            }

            // Fallback: an empty selection becomes the None policy.
            if (result.Count == 0)
            {
                result.Add(CreatePolicy(SecurityPolicies.None));
            }

            return result;
        }
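        /// <summary>
        /// Builds the default server <see cref="ApplicationConfiguration"/> for the given endpoint URL.
        /// </summary>
        /// <param name="url">Base address of the server; becomes the only entry of BaseAddresses.</param>
        /// <returns>A configuration whose security policies and user token types follow the Util.SharpSettings switches.</returns>
        /// <remarks>
        /// The switches visible here offer only None, Basic128Rsa15 and Basic256. Basic128Rsa15 and Basic256 are
        /// deprecated by the OPC UA specification (SHA-1 based), and None combined with the Anonymous token type
        /// gives an endpoint with no message protection and no user authentication. If every policy switch is
        /// off, the policy collection stays empty; this method adds no fallback.
        /// </remarks>
        private ApplicationConfiguration GetDefaultConfiguration(string url)
        {
            ApplicationConfiguration config = new ApplicationConfiguration();

            // Message signing and encryption policies, one entry per enabled switch.
            ServerSecurityPolicyCollection policies = new ServerSecurityPolicyCollection( );

            if (Util.SharpSettings.SecurityPolicyNone)
            {
                policies.Add(new ServerSecurityPolicy( )
                {
                    SecurityMode      = MessageSecurityMode.None,
                    SecurityPolicyUri = SecurityPolicies.None
                });
            }
            if (Util.SharpSettings.SecurityPolicyBasic128_Sign)
            {
                policies.Add(new ServerSecurityPolicy( )
                {
                    SecurityMode      = MessageSecurityMode.Sign,
                    SecurityPolicyUri = SecurityPolicies.Basic128Rsa15
                });
            }
            if (Util.SharpSettings.SecurityPolicyBasic128_Sign_Encrypt)
            {
                policies.Add(new ServerSecurityPolicy( )
                {
                    SecurityMode      = MessageSecurityMode.SignAndEncrypt,
                    SecurityPolicyUri = SecurityPolicies.Basic128Rsa15
                });
            }
            if (Util.SharpSettings.SecurityPolicyBasic256_Sign)
            {
                policies.Add(new ServerSecurityPolicy( )
                {
                    SecurityMode      = MessageSecurityMode.Sign,
                    SecurityPolicyUri = SecurityPolicies.Basic256
                });
            }
            if (Util.SharpSettings.SecurityPolicyBasic256_Sign_Encrypt)
            {
                policies.Add(new ServerSecurityPolicy( )
                {
                    SecurityMode      = MessageSecurityMode.SignAndEncrypt,
                    SecurityPolicyUri = SecurityPolicies.Basic256
                });
            }

            // User identity token types accepted at session activation.
            UserTokenPolicyCollection userTokens = new UserTokenPolicyCollection( );

            if (Util.SharpSettings.SecurityAnonymous)
            {
                userTokens.Add(new UserTokenPolicy(UserTokenType.Anonymous));
            }
            if (Util.SharpSettings.SecurityAccount)
            {
                userTokens.Add(new UserTokenPolicy(UserTokenType.UserName));
            }


            config.ApplicationName = "OpcUaServer";
            config.ApplicationType = ApplicationType.Server;


            config.SecurityConfiguration = new SecurityConfiguration()
            {
                ApplicationCertificate = new CertificateIdentifier()
                {
                    StoreType   = "Directory",
                    StorePath   = @"%CommonApplicationData%\OPC Foundation\CertificateStores\MachineDefault",
                    SubjectName = config.ApplicationName,
                },

                TrustedPeerCertificates = new CertificateTrustList()
                {
                    StoreType = "Directory",
                    StorePath = @"%CommonApplicationData%\OPC Foundation\CertificateStores\UA Applications",
                },

                TrustedIssuerCertificates = new CertificateTrustList()
                {
                    StoreType = "Directory",
                    StorePath = @"%CommonApplicationData%\OPC Foundation\CertificateStores\UA Certificate Authorities",
                },

                RejectedCertificateStore = new CertificateStoreIdentifier()
                {
                    StoreType = "Directory",
                    // Fixed: the token used to read "% CommonApplicationData%" (stray space after the first '%'),
                    // unlike the three store paths above, so it would presumably not be expanded the same way
                    // and rejected certificates would land outside the intended store.
                    StorePath = @"%CommonApplicationData%\OPC Foundation\CertificateStores\RejectedCertificates"
                }
            };
            config.TransportConfigurations = new TransportConfigurationCollection();
            config.TransportQuotas         = new TransportQuotas();

            config.ServerConfiguration = new ServerConfiguration( )
            {
                // Address clients connect to.
                BaseAddresses = new string[]
                {
                    url
                },

                SecurityPolicies = policies,

                UserTokenPolicies = userTokens,

                DiagnosticsEnabled           = false,  // whether diagnostics are enabled
                MaxSessionCount              = 1000,   // maximum number of open sessions
                MinSessionTimeout            = 10000,  // minimum time (ms) a session may stay open after losing contact with the client
                MaxSessionTimeout            = 60000,  // maximum time (ms) a session may stay open after losing contact with the client
                MaxBrowseContinuationPoints  = 1000,   // maximum number of continuation points for Browse / BrowseNext
                MaxQueryContinuationPoints   = 1000,   // maximum number of continuation points for Query / QueryNext
                MaxHistoryContinuationPoints = 500,    // maximum number of continuation points for HistoryRead
                MaxRequestAge               = 1000000, // maximum age of an incoming request (older requests are rejected)
                MinPublishingInterval       = 100,     // smallest publishing interval supported by the server (ms)
                MaxPublishingInterval       = 3600000, // largest publishing interval supported by the server (ms), 1 hour
                PublishingResolution        = 50,      // smallest supported difference between publishing intervals (ms)
                MaxSubscriptionLifetime     = 3600000, // how long a subscription stays open without a publish from the client, 1 hour
                MaxMessageQueueSize         = 100,     // maximum number of messages kept in each subscription queue
                MaxNotificationQueueSize    = 100,     // maximum number of notifications queued for each monitored item
                MaxNotificationsPerPublish  = 1000,    // maximum number of notifications per publish
                MinMetadataSamplingInterval = 1000,    // minimum sampling interval for metadata
                AvailableSamplingRates      = new SamplingRateGroupCollection(new List <SamplingRateGroup>()
                {
                    new SamplingRateGroup(5, 5, 20),
                    new SamplingRateGroup(100, 100, 4),
                    new SamplingRateGroup(500, 250, 2),
                    new SamplingRateGroup(1000, 500, 20),
                }),                                // available sampling rates
                MaxRegistrationInterval = 30000,   // maximum time between two registration attempts (ms)
                //NodeManagerSaveFile = string.Empty,// path of the file holding the nodes persisted by the core node manager ??
            };



            // The validator reads its trust lists and rejected store from the configuration built above.
            config.CertificateValidator = new CertificateValidator();
            config.CertificateValidator.Update(config);
            config.Extensions = new XmlElementCollection();

            return(config);
        }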
        /// <summary>
        /// Updates the application configuration with the values from the installation configuration.
        /// </summary>
        /// <param name="configuration">The configuration to update.</param>
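        /// <remarks>
        /// Values are copied from InstallConfig only where it supplies them. The certificate store sections
        /// dereference <c>configuration.SecurityConfiguration</c> and its trust lists without null checks, and the
        /// final call requires <c>configuration.CertificateValidator</c> to be set, so the caller has to pass a
        /// configuration in which those objects already exist.
        /// </remarks>
        protected virtual void UpdateAppConfigWithInstallConfig(ApplicationConfiguration configuration)
        {
            // override the application name.
            if (InstallConfig.ApplicationName != null)
            {
                if (configuration.SecurityConfiguration != null && configuration.SecurityConfiguration.ApplicationCertificate != null)
                {
                    // Rename the certificate subject only when it was simply mirroring the old application name.
                    if (configuration.SecurityConfiguration.ApplicationCertificate.SubjectName == configuration.ApplicationName)
                    {
                        configuration.SecurityConfiguration.ApplicationCertificate.SubjectName = InstallConfig.ApplicationName;
                    }
                }

                configuration.ApplicationName = InstallConfig.ApplicationName;
            }

            if (InstallConfig.ApplicationUri != null)
            {
                configuration.ApplicationUri = InstallConfig.ApplicationUri;
            }

            // replace localhost with the current machine name (first occurrence only, case-insensitive).
            if (configuration.ApplicationUri != null)
            {
                string applicationUri = configuration.ApplicationUri;
                int index = applicationUri.IndexOf("localhost", StringComparison.OrdinalIgnoreCase);

                if (index != -1)
                {
                    configuration.ApplicationUri =
                        applicationUri.Substring(0, index) +
                        System.Net.Dns.GetHostName() +
                        applicationUri.Substring(index + "localhost".Length);
                }
            }

            // A regular server configuration takes precedence over a discovery server configuration.
            ServerBaseConfiguration serverConfiguration = null;

            if (configuration.ServerConfiguration != null)
            {
                serverConfiguration = configuration.ServerConfiguration;
            }
            else if (configuration.DiscoveryServerConfiguration != null)
            {
                serverConfiguration = configuration.DiscoveryServerConfiguration;
            }

            if (serverConfiguration != null)
            {
                if (InstallConfig.BaseAddresses != null && InstallConfig.BaseAddresses.Count > 0)
                {
                    // The first address seen for a URL scheme becomes a base address; later ones become alternates.
                    HashSet<string> seenSchemes = new HashSet<string>();
                    serverConfiguration.BaseAddresses.Clear();

                    for (int ii = 0; ii < InstallConfig.BaseAddresses.Count; ii++)
                    {
                        Uri url = Utils.ParseUri(InstallConfig.BaseAddresses[ii]);

                        if (url == null)
                        {
                            // Entries that do not parse are skipped.
                            continue;
                        }

                        if (seenSchemes.Add(url.Scheme))
                        {
                            serverConfiguration.BaseAddresses.Add(url.ToString());
                        }
                        else
                        {
                            serverConfiguration.AlternateBaseAddresses.Add(url.ToString());
                        }
                    }
                }

                if (InstallConfig.SecurityProfiles != null && InstallConfig.SecurityProfiles.Count > 0)
                {
                    // Keep only the existing policies whose URI appears in the install configuration.
                    // If nothing matches, the server is left with an empty policy collection.
                    // NOTE(review): the Enabled flag of each install profile is not consulted here, so a profile
                    // that is listed but disabled still keeps its policy - confirm this is intended.
                    ServerSecurityPolicyCollection securityPolicies = new ServerSecurityPolicyCollection();

                    for (int ii = 0; ii < InstallConfig.SecurityProfiles.Count; ii++)
                    {
                        for (int jj = 0; jj < serverConfiguration.SecurityPolicies.Count; jj++)
                        {
                            if (serverConfiguration.SecurityPolicies[jj].SecurityPolicyUri == InstallConfig.SecurityProfiles[ii].ProfileUri)
                            {
                                securityPolicies.Add(serverConfiguration.SecurityPolicies[jj]);
                            }
                        }
                    }

                    serverConfiguration.SecurityPolicies = securityPolicies;
                }
            }

            if (InstallConfig.ApplicationCertificate != null)
            {
                configuration.SecurityConfiguration.ApplicationCertificate.StoreType = InstallConfig.ApplicationCertificate.StoreType;
                configuration.SecurityConfiguration.ApplicationCertificate.StorePath = InstallConfig.ApplicationCertificate.StorePath;

                // Fixed: the test was inverted. It copied the subject name only when the install value was
                // null or empty, which erased a valid subject and ignored one that was actually supplied.
                if (!String.IsNullOrEmpty(InstallConfig.ApplicationCertificate.SubjectName))
                {
                    configuration.SecurityConfiguration.ApplicationCertificate.SubjectName = InstallConfig.ApplicationCertificate.SubjectName;
                }
            }

            if (InstallConfig.RejectedCertificatesStore != null)
            {
                configuration.SecurityConfiguration.RejectedCertificateStore = Opc.Ua.Security.SecuredApplication.FromCertificateStoreIdentifier(InstallConfig.RejectedCertificatesStore);
            }

            if (InstallConfig.IssuerCertificateStore != null)
            {
                configuration.SecurityConfiguration.TrustedIssuerCertificates.StoreType = InstallConfig.IssuerCertificateStore.StoreType;
                configuration.SecurityConfiguration.TrustedIssuerCertificates.StorePath = InstallConfig.IssuerCertificateStore.StorePath;
                // The validation option flags are carried over by numeric value.
                configuration.SecurityConfiguration.TrustedIssuerCertificates.ValidationOptions = (CertificateValidationOptions)(int)InstallConfig.IssuerCertificateStore.ValidationOptions;
            }

            if (InstallConfig.TrustedCertificateStore != null)
            {
                configuration.SecurityConfiguration.TrustedPeerCertificates.StoreType = InstallConfig.TrustedCertificateStore.StoreType;
                configuration.SecurityConfiguration.TrustedPeerCertificates.StorePath = InstallConfig.TrustedCertificateStore.StorePath;
                configuration.SecurityConfiguration.TrustedPeerCertificates.ValidationOptions = (CertificateValidationOptions)(int)InstallConfig.TrustedCertificateStore.ValidationOptions;
            }

            // Push the updated stores and options into the validator.
            configuration.CertificateValidator.Update(configuration);
        }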
        /// <summary>
        /// Creates a ServerSecurityPolicyCollection object. 
        /// </summary>
        /// <param name="profiles">Profiles to convert; entries whose Enabled flag is false are ignored. May be null.</param>
        /// <returns>A non-empty collection with one policy for each enabled profile.</returns>
        /// <remarks>
        /// If the input is null or contains no enabled profile, the collection is populated with a single
        /// SecurityPolicies.None policy. That fallback is silent, so a caller that requires message security
        /// needs to inspect the result rather than assume an enabled profile was present.
        /// </remarks>
        public static ServerSecurityPolicyCollection FromListOfSecurityProfiles(ListOfSecurityProfiles profiles)
        {
            var converted = new ServerSecurityPolicyCollection();

            if (profiles != null)
            {
                foreach (var candidate in profiles)
                {
                    if (candidate.Enabled)
                    {
                        converted.Add(CreatePolicy(candidate.ProfileUri));
                    }
                }
            }

            // Nothing selected: default to the None policy.
            bool nothingSelected = converted.Count == 0;

            if (nothingSelected)
            {
                converted.Add(CreatePolicy(SecurityPolicies.None));
            }

            return converted;
        }
        /// <summary>
        /// Creates a ListOfSecurityProfiles object. 
        /// </summary>
        /// <param name="policies">Server security policies whose URIs switch the matching profiles on; may be null.</param>
        /// <returns>Three profiles (None, Basic128Rsa15, Basic256), each enabled when some policy uses its URI.</returns>
        /// <remarks>
        /// This variant does not list Basic256Sha256, so a policy that uses that URI has no profile to enable and
        /// is not reflected in the result. Of the URIs it does list, Basic128Rsa15 and Basic256 are deprecated by
        /// the OPC UA specification (SHA-1 based) and None offers no message protection.
        /// </remarks>
        public static ListOfSecurityProfiles ToListOfSecurityProfiles(ServerSecurityPolicyCollection policies)
        {
            var catalogue = new ListOfSecurityProfiles();

            foreach (string policyUri in new[] { SecurityPolicies.None, SecurityPolicies.Basic128Rsa15, SecurityPolicies.Basic256 })
            {
                catalogue.Add(CreateProfile(policyUri));
            }

            if (policies == null)
            {
                return catalogue;
            }

            // Comparison is by URI only; the security mode of the policy plays no part.
            foreach (var policy in policies)
            {
                foreach (var entry in catalogue)
                {
                    if (policy.SecurityPolicyUri == entry.ProfileUri)
                    {
                        entry.Enabled = true;
                    }
                }
            }

            return catalogue;
        }
        /// <summary>
        /// hardcoded application configuration of the collector server/client
        /// </summary>
        /// <returns>application configuration of the collector server/client</returns>
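        /// <remarks>
        /// Every value is hard-coded. The server advertises a None security policy and accepts Anonymous user
        /// tokens alongside UserName and Certificate, so unauthenticated, unprotected sessions are possible with
        /// this configuration as written. CertificateValidator is not assigned here.
        /// </remarks>
        public static ApplicationConfiguration getConfiguration()
        {
            //not fully implemented

            // Left unset: ApplicationType, CertificateValidator, ClientConfiguration, DisableHiResClock,
            // DiscoveryServerConfiguration, MessageContext, Properties, PropertiesLock, SourceFilePath.
            ApplicationConfiguration config = new ApplicationConfiguration();

            config.ApplicationName = "Collector Server";
            config.ApplicationUri  = @"urn:localhost:UA:InformationModelServer";
            config.Extensions      = new XmlElementCollection();
            config.ProductUri      = @"http://opcfoundation.org/UA/InformationModelServer";

            #region Security Configuration
            // All four certificate stores are directory stores below %CommonApplicationData%\OPC Foundation\pki.
            config.SecurityConfiguration = new SecurityConfiguration
            {
                ApplicationCertificate = new CertificateIdentifier
                {
                    StoreType   = "Directory",
                    StorePath   = @"%CommonApplicationData%\OPC Foundation\pki\own",
                    SubjectName = @"CN = Demo Server, C = US, S = Arizona, O = OPC Foundation, DC = localhost"
                },
                TrustedIssuerCertificates = new CertificateTrustList
                {
                    StoreType = "Directory",
                    StorePath = @"%CommonApplicationData%\OPC Foundation\pki\issuer"
                },
                TrustedPeerCertificates = new CertificateTrustList
                {
                    StoreType = "Directory",
                    StorePath = @"%CommonApplicationData%\OPC Foundation\pki\trusted"
                },
                RejectedCertificateStore = new CertificateStoreIdentifier
                {
                    StoreType = "Directory",
                    StorePath = @"%CommonApplicationData%\OPC Foundation\pki\rejected"
                }
            };
            #endregion

            #region ServerConfiguration
            List <ServerSecurityPolicy> config_server_policies = new List <ServerSecurityPolicy>
            {
                new ServerSecurityPolicy
                {
                    SecurityMode      = MessageSecurityMode.SignAndEncrypt,
                    SecurityPolicyUri = @"http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256"
                },
                // Unsecured endpoint: no signing, no encryption.
                new ServerSecurityPolicy
                {
                    SecurityMode      = MessageSecurityMode.None,
                    SecurityPolicyUri = @"http://opcfoundation.org/UA/SecurityPolicy#None"
                },
                // NOTE(review): Sign mode with an empty policy URI names no algorithm suite; this looks like a
                // placeholder from the unfinished implementation - confirm which policy was intended.
                new ServerSecurityPolicy
                {
                    SecurityMode      = MessageSecurityMode.Sign,
                    SecurityPolicyUri = @""
                }
                // The original also built a fourth policy (SignAndEncrypt, empty URI) but never added it to
                // this list, so it had no effect; the unused local has been dropped.
            };

            ServerConfiguration config_server = new ServerConfiguration
            {
                BaseAddresses = new StringCollection(new List <string>
                {
                    // NOTE(review): the published listing carried a second, https base address ahead of this
                    // one, but its host and port were masked ("https://*****:*****@") and the statement was
                    // left unparseable. Only the address that survived intact is registered; restore the
                    // https entry from the original source if it is needed.
                    @"opc.tcp://localhost:51210/CollectorServer"
                }),
                SecurityPolicies = new ServerSecurityPolicyCollection(config_server_policies),
                UserTokenPolicies = new UserTokenPolicyCollection(new List <UserTokenPolicy>
                {
                    new UserTokenPolicy(UserTokenType.Anonymous),
                    new UserTokenPolicy(UserTokenType.UserName),
                    new UserTokenPolicy(UserTokenType.Certificate)
                }),
                DiagnosticsEnabled           = false,
                MaxSessionCount              = 100,
                MinSessionTimeout            = 10000,
                MaxSessionTimeout            = 3600000,
                MaxBrowseContinuationPoints  = 10,
                MaxQueryContinuationPoints   = 10,
                MaxHistoryContinuationPoints = 100,
                MaxRequestAge                = 600000,
                MinPublishingInterval        = 100,
                MaxPublishingInterval        = 3600000,
                PublishingResolution         = 50,
                MaxSubscriptionLifetime      = 3600000,
                MaxMessageQueueSize          = 10,
                MaxNotificationQueueSize     = 100,
                MaxNotificationsPerPublish   = 1000,
                MinMetadataSamplingInterval  = 1000,
                AvailableSamplingRates = new SamplingRateGroupCollection(new List <SamplingRateGroup>
                {
                    new SamplingRateGroup(5, 5, 20),
                    new SamplingRateGroup(100, 100, 4),
                    new SamplingRateGroup(500, 250, 2),
                    new SamplingRateGroup(1000, 500, 20)
                }),
                MaxRegistrationInterval = 30000
            };
            #endregion
            config.ServerConfiguration = config_server;

            #region TraceConfiguration
            // NOTE(review): DeleteOnLoad presumably discards the previous trace file at start-up, which would
            // lose earlier security events across restarts - confirm. TraceMasks 515 is 0x203; presumably
            // Error | Information | Security in Utils.TraceMasks - confirm.
            config.TraceConfiguration = new TraceConfiguration
            {
                OutputFilePath = @"Logs\Quickstarts.BoilerServer.log.txt",
                DeleteOnLoad   = true,
                TraceMasks     = 515
            };
            #endregion
            config.TransportConfigurations = new TransportConfigurationCollection();

            #region TransportQuotas
            config.TransportQuotas = new TransportQuotas
            {
                OperationTimeout      = 600000,
                MaxStringLength       = 1048576,
                MaxByteStringLength   = 1048576,
                MaxArrayLength        = 65535,
                ChannelLifetime       = 300000,
                SecurityTokenLifetime = 3600000
            };
            #endregion

            return(config);
        }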