/// <summary>
/// Create application configuration
/// </summary>
/// <param name="opcConfig"></param>
/// <param name="handler"></param>
/// <param name="createSelfSignedCertIfNone"></param>
/// <returns></returns>
public static ApplicationConfiguration ToApplicationConfiguration(
this IClientServicesConfig2 opcConfig, bool createSelfSignedCertIfNone,
CertificateValidationEventHandler handler)
{
if (string.IsNullOrWhiteSpace(opcConfig.ApplicationName))
{
throw new ArgumentNullException(nameof(opcConfig.ApplicationName));
}
var applicationConfiguration = new ApplicationConfiguration {
ApplicationName = opcConfig.ApplicationName,
ApplicationUri = opcConfig.ApplicationUri,
ProductUri = opcConfig.ProductUri,
ApplicationType = ApplicationType.Client,
TransportQuotas = opcConfig.ToTransportQuotas(),
SecurityConfiguration = opcConfig.ToSecurityConfiguration(),
ClientConfiguration = new ClientConfiguration(),
CertificateValidator = new CertificateValidator()
};
applicationConfiguration.CertificateValidator.CertificateValidation += handler;
X509Certificate2 certificate = null;
// use existing certificate, if it is there
certificate = applicationConfiguration.SecurityConfiguration.ApplicationCertificate.Find(true).Result;
// create a self signed certificate if there is none
if (certificate == null && createSelfSignedCertIfNone)
{
certificate = CertificateFactory.CreateCertificate(
applicationConfiguration.SecurityConfiguration.ApplicationCertificate.StoreType,
applicationConfiguration.SecurityConfiguration.ApplicationCertificate.StorePath,
null,
applicationConfiguration.ApplicationUri,
applicationConfiguration.ApplicationName,
applicationConfiguration.ApplicationName,
null,
CertificateFactory.defaultKeySize,
DateTime.UtcNow - TimeSpan.FromDays(1),
CertificateFactory.defaultLifeTime,
CertificateFactory.defaultHashSize
);
// update security information
applicationConfiguration.SecurityConfiguration.ApplicationCertificate.Certificate =
certificate ??
throw new Exception(
"OPC UA application certificate can not be created! Cannot continue without it!");
//await applicationConfiguration.CertificateValidator.UpdateCertificate(
//applicationConfiguration.SecurityConfiguration).ConfigureAwait(false);
}
applicationConfiguration.ApplicationUri = Utils.GetApplicationUriFromCertificate(certificate);
return(applicationConfiguration);
}
private void Initilization()
{
// 检查应用程序的证书
application.CheckApplicationInstanceCertificate(false, 0);
m_configuration = application.ApplicationConfiguration;
application.ConfigSectionName = "";
application.ApplicationType = application.ApplicationConfiguration.ApplicationType;
if (!string.IsNullOrEmpty(application.ApplicationConfiguration.ApplicationName))
{
application.ApplicationName = application.ApplicationConfiguration.ApplicationName;
}
m_CertificateValidation = new CertificateValidationEventHandler(CertificateValidator_CertificateValidation);
}
/// <summary>
/// Main constructor
/// </summary>
public OpcUaClient()
{
ApplicationInstance application = new ApplicationInstance();
application.ConfigSectionName = "ReferenceClient";
application.ApplicationType = ApplicationType.Client;
// load the application configuration.
application.LoadApplicationConfiguration(false).Wait();
// check the application certificate.
application.CheckApplicationInstanceCertificate(false, 0).Wait();
//sets the application configuration
m_configuration = application.ApplicationConfiguration;
//event handler to validate the server certificate
m_CertificateValidation = new CertificateValidationEventHandler(Notification_ServerCertificate);
}
public DataSourceClient(ApplicationConfiguration configuration)
{
DataContractSerializer serializer = new DataContractSerializer(configuration.GetType());
// serialize and reload configuration to ensure object has its own copy.
MemoryStream ostrm = new MemoryStream();
XmlWriterSettings settings = new XmlWriterSettings();
settings.Encoding = System.Text.Encoding.UTF8;
settings.Indent = false;
settings.CloseOutput = true;
settings.ConformanceLevel = ConformanceLevel.Document;
settings.OmitXmlDeclaration = false;
XmlWriter writer = XmlDictionaryWriter.Create(ostrm, settings);
try
{
serializer.WriteObject(writer, configuration);
}
finally
{
writer.Close();
}
MemoryStream istrm = new MemoryStream(ostrm.ToArray());
XmlReader reader = XmlReader.Create(istrm);
m_configuration = (ApplicationConfiguration)serializer.ReadObject(reader, false);
m_configuration.Validate(ApplicationType.Client);
// always accept server certificates.
m_CertificateValidation = new CertificateValidationEventHandler(CertificateValidator_CertificateValidation);
m_configuration.CertificateValidator.CertificateValidation += m_CertificateValidation;
m_monitoredItems = new Dictionary <uint, MonitoredItem>();
}
public DataSourceClient(ApplicationConfiguration configuration)
{
DataContractSerializer serializer = new DataContractSerializer(configuration.GetType());
// serialize and reload configuration to ensure object has its own copy.
MemoryStream ostrm = new MemoryStream();
XmlWriterSettings settings = new XmlWriterSettings();
settings.Encoding = System.Text.Encoding.UTF8;
settings.Indent = false;
settings.CloseOutput = true;
settings.ConformanceLevel = ConformanceLevel.Document;
settings.OmitXmlDeclaration = false;
XmlWriter writer = XmlDictionaryWriter.Create(ostrm, settings);
try
{
serializer.WriteObject(writer, configuration);
}
finally
{
writer.Close();
}
MemoryStream istrm = new MemoryStream(ostrm.ToArray());
XmlReader reader = XmlReader.Create(istrm);
m_configuration = (ApplicationConfiguration)serializer.ReadObject(reader, false);
m_configuration.Validate(ApplicationType.Client);
// always accept server certificates.
m_CertificateValidation = new CertificateValidationEventHandler(CertificateValidator_CertificateValidation);
m_configuration.CertificateValidator.CertificateValidation += m_CertificateValidation;
m_monitoredItems = new Dictionary<uint, MonitoredItem>();
}
/// <summary>
/// Initializes the object.
/// </summary>
public ConnectServerCtrl()
{
InitializeComponent();
m_CertificateValidation = new CertificateValidationEventHandler(CertificateValidator_CertificateValidation);
}
/// <summary>
/// Initializes the object.
/// </summary>
public ConnectServerCtrl()
{
InitializeComponent();
m_CertificateValidation = new CertificateValidationEventHandler(CertificateValidator_CertificateValidation);
m_endpoints = new Dictionary <Uri, EndpointDescription>();
}
/// <summary>
/// Registers the server with the discovery server.
/// </summary>
/// <returns>Boolean value.</returns>
public async Task<bool> RegisterWithDiscoveryServer()
{
ApplicationConfiguration configuration = await ApplicationConfiguration.Load(new FileInfo(base.Configuration.SourceFilePath), ApplicationType.Server, null, false);
CertificateValidationEventHandler registrationCertificateValidator = new CertificateValidationEventHandler(RegistrationValidator_CertificateValidation);
configuration.CertificateValidator.CertificateValidation += registrationCertificateValidator;
try
{
// try each endpoint.
foreach (ConfiguredEndpoint endpoint in m_registrationEndpoints.Endpoints)
{
RegistrationClient client = null;
try
{
// update from the server.
bool updateRequired = true;
lock (m_registrationLock)
{
updateRequired = endpoint.UpdateBeforeConnect;
}
if (updateRequired)
{
endpoint.UpdateFromServer(m_bindingFactory);
}
lock (m_registrationLock)
{
endpoint.UpdateBeforeConnect = false;
}
// create the client.
client = RegistrationClient.Create(
configuration,
endpoint.Description,
endpoint.Configuration,
m_bindingFactory,
base.InstanceCertificate);
// register the server.
RequestHeader requestHeader = new RequestHeader();
requestHeader.Timestamp = DateTime.UtcNow;
client.OperationTimeout = 10000;
client.RegisterServer(requestHeader, m_registrationInfo);
return true;
}
catch (Exception e)
{
Utils.Trace("Register server failed for at: {0}. Exception={1}", endpoint.EndpointUrl, e.Message);
}
finally
{
if (client != null)
{
try
{
client.Close();
}
catch (Exception e)
{
Utils.Trace("Could not cleanly close connection with LDS. Exception={0}", e.Message);
}
}
}
}
}
finally
{
if (configuration != null)
{
configuration.CertificateValidator.CertificateValidation -= registrationCertificateValidator;
}
}
return false;
}
/// <summary>
/// Registers the server with the discovery server.
/// </summary>
/// <returns>Boolean value.</returns>
public bool RegisterWithDiscoveryServer()
{
ApplicationConfiguration configuration = string.IsNullOrEmpty(base.Configuration.SourceFilePath) ? base.Configuration : ApplicationConfiguration.Load(new FileInfo(base.Configuration.SourceFilePath), ApplicationType.Server, null, false);
CertificateValidationEventHandler registrationCertificateValidator = new CertificateValidationEventHandler(RegistrationValidator_CertificateValidation);
configuration.CertificateValidator.CertificateValidation += registrationCertificateValidator;
try
{
// try each endpoint.
foreach (ConfiguredEndpoint endpoint in m_registrationEndpoints.Endpoints)
{
RegistrationClient client = null;
try
{
// update from the server.
bool updateRequired = true;
lock (m_registrationLock)
{
updateRequired = endpoint.UpdateBeforeConnect;
}
if (updateRequired)
{
endpoint.UpdateFromServer(m_bindingFactory);
}
lock (m_registrationLock)
{
endpoint.UpdateBeforeConnect = false;
}
// create the client.
client = RegistrationClient.Create(
configuration,
endpoint.Description,
endpoint.Configuration,
m_bindingFactory,
base.InstanceCertificate);
// register the server.
RequestHeader requestHeader = new RequestHeader();
requestHeader.Timestamp = DateTime.UtcNow;
client.OperationTimeout = 10000;
try
{
ExtensionObjectCollection discoveryConfiguration = new ExtensionObjectCollection();
StatusCodeCollection configurationResults = null;
DiagnosticInfoCollection diagnosticInfos = null;
client.RegisterServer2(
requestHeader,
m_registrationInfo,
discoveryConfiguration,
out configurationResults,
out diagnosticInfos);
return true;
}
catch (Exception e)
{
// fall back to calling RegisterServer in case RegisterServer2 fails.
Utils.Trace("RegisterServer2 failed for: {0}. Falling back to RegisterServer. Exception={1}.", endpoint.EndpointUrl, e.Message);
client.RegisterServer(requestHeader, m_registrationInfo);
return true;
}
}
catch (Exception e)
{
Utils.Trace("RegisterServer failed for: {0}. Exception={1}", endpoint.EndpointUrl, e.Message);
}
finally
{
if (client != null)
{
try
{
client.Close();
}
catch (Exception e)
{
Utils.Trace("Could not cleanly close connection with LDS. Exception={0}", e.Message);
}
}
}
}
}
finally
{
if (configuration != null)
{
configuration.CertificateValidator.CertificateValidation -= registrationCertificateValidator;
}
}
return false;
}
/// <summary>
/// Create application configuration
/// </summary>
/// <param name="opcConfig"></param>
/// <param name="identity"></param>
/// <param name="createSelfSignedCertIfNone"></param>
/// <param name="handler"></param>
/// <returns></returns>
public static async Task <ApplicationConfiguration> ToApplicationConfigurationAsync(
this IClientServicesConfig opcConfig, IIdentity identity, bool createSelfSignedCertIfNone,
CertificateValidationEventHandler handler)
{
if (string.IsNullOrWhiteSpace(opcConfig.ApplicationName))
{
throw new ArgumentNullException(nameof(opcConfig.ApplicationName));
}
// wait with the configuration until network is up
for (var retry = 0; retry < 3; retry++)
{
if (NetworkInterface.GetIsNetworkAvailable())
{
break;
}
else
{
await Task.Delay(3000);
}
}
var applicationConfiguration = new ApplicationConfiguration {
ApplicationName = opcConfig.ApplicationName,
ProductUri = opcConfig.ProductUri,
ApplicationType = ApplicationType.Client,
TransportQuotas = opcConfig.ToTransportQuotas(),
CertificateValidator = new CertificateValidator(),
ClientConfiguration = new ClientConfiguration(),
ServerConfiguration = new ServerConfiguration()
};
try {
await Retry.WithLinearBackoff(null, new CancellationToken(),
async() => {
// try to resolve the hostname
var hostname = !string.IsNullOrWhiteSpace(identity?.Gateway) ?
identity.Gateway : !string.IsNullOrWhiteSpace(identity?.DeviceId) ?
identity.DeviceId : Utils.GetHostName();
var alternateBaseAddresses = new List <string>();
try {
alternateBaseAddresses.Add($"urn://{hostname}");
var hostEntry = Dns.GetHostEntry(hostname);
if (hostEntry != null)
{
alternateBaseAddresses.Add($"urn://{hostEntry.HostName}");
foreach (var alias in hostEntry.Aliases)
{
alternateBaseAddresses.Add($"urn://{alias}");
}
foreach (var ip in hostEntry.AddressList)
{
// only ad IPV4 addresses
switch (ip.AddressFamily)
{
case AddressFamily.InterNetwork:
alternateBaseAddresses.Add($"urn://{ip}");
break;
default:
break;
}
}
}
}
catch { }
applicationConfiguration.ApplicationUri =
opcConfig.ApplicationUri.Replace("urn:localhost", $"urn:{hostname}");
applicationConfiguration.SecurityConfiguration =
opcConfig.ToSecurityConfiguration(hostname);
applicationConfiguration.ServerConfiguration.AlternateBaseAddresses =
alternateBaseAddresses.ToArray();
await applicationConfiguration.Validate(applicationConfiguration.ApplicationType);
var application = new ApplicationInstance(applicationConfiguration);
var hasAppCertificate = await application.CheckApplicationInstanceCertificate(true,
CertificateFactory.DefaultKeySize);
if (!hasAppCertificate)
{
throw new InvalidConfigurationException("OPC UA application certificate invalid");
}
applicationConfiguration.CertificateValidator.CertificateValidation += handler;
await applicationConfiguration.CertificateValidator
.Update(applicationConfiguration.SecurityConfiguration);
},
e => true, 5);
}
catch (Exception e) {
throw new InvalidConfigurationException("OPC UA configuration not valid", e);
}
return(applicationConfiguration);
}
/// <summary>
/// Initializes the object.
/// </summary>
public ConnectServerCtrl()
{
InitializeComponent();
m_CertificateValidation = new CertificateValidationEventHandler(CertificateValidator_CertificateValidation);
}
/// <summary>
/// Create application configuration
/// </summary>
/// <param name="opcConfig"></param>
/// <param name="handler"></param>
/// <param name="createSelfSignedCertIfNone"></param>
/// <returns></returns>
public static async Task <ApplicationConfiguration> ToApplicationConfigurationAsync(
this IClientServicesConfig opcConfig, bool createSelfSignedCertIfNone,
CertificateValidationEventHandler handler)
{
if (string.IsNullOrWhiteSpace(opcConfig.ApplicationName))
{
throw new ArgumentNullException(nameof(opcConfig.ApplicationName));
}
var applicationConfiguration = new ApplicationConfiguration {
ApplicationName = opcConfig.ApplicationName,
ApplicationUri = opcConfig.ApplicationUri,
ProductUri = opcConfig.ProductUri,
ApplicationType = ApplicationType.Client,
TransportQuotas = opcConfig.ToTransportQuotas(),
SecurityConfiguration = opcConfig.ToSecurityConfiguration(),
ClientConfiguration = new ClientConfiguration(),
CertificateValidator = new CertificateValidator()
};
applicationConfiguration.CertificateValidator.CertificateValidation += handler;
var configuredSubject = applicationConfiguration.SecurityConfiguration
.ApplicationCertificate.SubjectName;
applicationConfiguration.SecurityConfiguration.ApplicationCertificate.SubjectName =
applicationConfiguration.ApplicationName;
await applicationConfiguration.CertificateValidator
.Update(applicationConfiguration.SecurityConfiguration);
// use existing certificate, if present
var certificate = applicationConfiguration.SecurityConfiguration
.ApplicationCertificate.Certificate;
// create a self signed certificate if there is none
if (certificate == null && createSelfSignedCertIfNone)
{
certificate = CertificateFactory.CreateCertificate(
applicationConfiguration.SecurityConfiguration
.ApplicationCertificate.StoreType,
applicationConfiguration.SecurityConfiguration
.ApplicationCertificate.StorePath,
null,
applicationConfiguration.ApplicationUri,
applicationConfiguration.ApplicationName,
configuredSubject,
null,
CertificateFactory.defaultKeySize,
DateTime.UtcNow - TimeSpan.FromDays(1),
CertificateFactory.defaultLifeTime,
CertificateFactory.defaultHashSize
);
if (certificate == null)
{
throw new Exception(
"OPC UA application certificate can not be created! Cannot continue without it!");
}
applicationConfiguration.SecurityConfiguration
.ApplicationCertificate.Certificate = certificate;
try {
// copy the certificate *public key only* into the trusted certificates list
using (ICertificateStore trustedStore = applicationConfiguration
.SecurityConfiguration.TrustedPeerCertificates.OpenStore()) {
using (var publicKey = new X509Certificate2(certificate.RawData)) {
trustedStore.Add(publicKey.YieldReturn());
}
}
}
catch { }
// update security information
await applicationConfiguration.CertificateValidator.UpdateCertificate(
applicationConfiguration.SecurityConfiguration);
}
applicationConfiguration.ApplicationUri = Utils.GetApplicationUriFromCertificate(certificate);
return(applicationConfiguration);
}
/// <summary>
/// Initializes the object.
/// </summary>
public ServerConnection()
{
m_CertificateValidation = new CertificateValidationEventHandler(CertificateValidator_CertificateValidation);
}
/// <summary>
/// Registers the server with the discovery server.
/// </summary>
/// <returns>Boolean value.</returns>
public async Task<bool> RegisterWithDiscoveryServer()
{
ApplicationConfiguration configuration = string.IsNullOrEmpty(base.Configuration.SourceFilePath) ? base.Configuration : await ApplicationConfiguration.Load(new FileInfo(base.Configuration.SourceFilePath), ApplicationType.Server, null, false);
CertificateValidationEventHandler registrationCertificateValidator = new CertificateValidationEventHandler(RegistrationValidator_CertificateValidation);
configuration.CertificateValidator.CertificateValidation += registrationCertificateValidator;
try
{
// try each endpoint.
if (m_registrationEndpoints != null)
{
foreach (ConfiguredEndpoint endpoint in m_registrationEndpoints.Endpoints)
{
RegistrationClient client = null;
int i = 0;
while (i++ < 2)
{
try
{
// update from the server.
bool updateRequired = true;
lock (m_registrationLock)
{
updateRequired = endpoint.UpdateBeforeConnect;
}
if (updateRequired)
{
endpoint.UpdateFromServer();
}
lock (m_registrationLock)
{
endpoint.UpdateBeforeConnect = false;
}
RequestHeader requestHeader = new RequestHeader();
requestHeader.Timestamp = DateTime.UtcNow;
// create the client.
client = RegistrationClient.Create(
configuration,
endpoint.Description,
endpoint.Configuration,
base.InstanceCertificate);
client.OperationTimeout = 10000;
// register the server.
if (m_useRegisterServer2)
{
ExtensionObjectCollection discoveryConfiguration = new ExtensionObjectCollection();
StatusCodeCollection configurationResults = null;
DiagnosticInfoCollection diagnosticInfos = null;
client.RegisterServer2(
requestHeader,
m_registrationInfo,
discoveryConfiguration,
out configurationResults,
out diagnosticInfos);
}
else
{
client.RegisterServer(requestHeader, m_registrationInfo);
}
return true;
}
catch (Exception e)
{
Utils.Trace("RegisterServer{0} failed for at: {1}. Exception={2}",
m_useRegisterServer2 ? "2" : "", endpoint.EndpointUrl, e.Message);
m_useRegisterServer2 = !m_useRegisterServer2;
}
finally
{
if (client != null)
{
try
{
client.Close();
client = null;
}
catch (Exception e)
{
Utils.Trace("Could not cleanly close connection with LDS. Exception={0}", e.Message);
}
}
}
}
}
// retry to start with RegisterServer2 if both failed
m_useRegisterServer2 = true;
}
}
finally
{
if (configuration != null)
{
configuration.CertificateValidator.CertificateValidation -= registrationCertificateValidator;
}
}
return false;
}
/// <summary>
/// Build the opc ua stack application configuration
/// </summary>
public static async Task <ApplicationConfiguration> BuildApplicationConfigurationAsync(
this IClientServicesConfig opcConfig,
IIdentity identity,
CertificateValidationEventHandler handler,
ILogger logger)
{
if (string.IsNullOrWhiteSpace(opcConfig.ApplicationName))
{
throw new ArgumentNullException(nameof(opcConfig.ApplicationName));
}
// wait with the configuration until network is up
for (var retry = 0; retry < 3; retry++)
{
if (NetworkInterface.GetIsNetworkAvailable())
{
break;
}
else
{
await Task.Delay(3000);
}
}
var appInstance = new ApplicationInstance {
ApplicationName = opcConfig.ApplicationName,
ApplicationType = ApplicationType.Client,
};
try {
await Retry.WithLinearBackoff(null, new CancellationToken(),
async() => {
// try to resolve the hostname
var hostname = !string.IsNullOrWhiteSpace(identity?.Gateway)
? identity.Gateway
: !string.IsNullOrWhiteSpace(identity?.DeviceId)
? identity.DeviceId
: Utils.GetHostName();
var appBuilder = appInstance
.Build(
opcConfig.ApplicationUri.Replace("urn:localhost", $"urn:{hostname}"),
opcConfig.ProductUri)
.SetTransportQuotas(opcConfig.ToTransportQuotas())
.AsClient();
var appConfig = await opcConfig
.BuildSecurityConfiguration(
appBuilder,
appInstance.ApplicationConfiguration,
hostname)
.ConfigureAwait(false);
appConfig.CertificateValidator.CertificateValidation += handler;
var ownCertificate = appConfig.SecurityConfiguration.ApplicationCertificate.Certificate;
if (ownCertificate == null)
{
logger.Information("No application own certificate found. Creating a self-signed " +
"own certificate valid since yesterday for {defaultLifeTime} months, with a " +
"{defaultKeySize} bit key and {defaultHashSize} bit hash.",
CertificateFactory.DefaultLifeTime,
CertificateFactory.DefaultKeySize,
CertificateFactory.DefaultHashSize);
}
else
{
logger.Information("Own certificate Subject '{subject}' (thumbprint: {thumbprint}) loaded.",
ownCertificate.Subject, ownCertificate.Thumbprint);
}
var hasAppCertificate = await appInstance
.CheckApplicationInstanceCertificate(
true,
CertificateFactory.DefaultKeySize,
CertificateFactory.DefaultLifeTime)
.ConfigureAwait(false);
if (!hasAppCertificate ||
appConfig.SecurityConfiguration.ApplicationCertificate.Certificate == null)
{
logger.Error("Failed to load or create application own certificate.");
throw new InvalidConfigurationException("OPC UA application own certificate invalid");
}
if (ownCertificate == null)
{
ownCertificate = appConfig.SecurityConfiguration.ApplicationCertificate.Certificate;
logger.Information("Own certificate Subject '{subject}' (thumbprint: {thumbprint}) created.",
ownCertificate.Subject, ownCertificate.Thumbprint);
}
await ShowCertificateStoreInformationAsync(appConfig, logger)
.ConfigureAwait(false);
},
e => true, 5);
}
catch (Exception e) {
throw new InvalidConfigurationException("OPC UA configuration not valid", e);
}
return(appInstance.ApplicationConfiguration);
}
