// This method creates a new certificate which can be used for the UWP application. // Note that the certificate is saved at Downloads/Client.Uwp/Client.Uwp.pfx. // To take use of the certificate you may copy it to the Assets of the project and // change the "Build Action"-Property of the file (in Visual Studio) to "Content". private async void CreateCertificate() { var settings = new OpcCertificateSettings("Client.Uwp"); var certificate = OpcCertificateManager.CreateCertificate(settings); var newFile = await DownloadsFolder.CreateFileAsync("Client.Uwp.pfx"); using (var stream = await newFile.OpenStreamForWriteAsync()) { var data = certificate.Export(X509ContentType.Pfx); stream.Write(data, 0, data.Length); } }
public RunOpc(ref EventLog log, ServiceConfig.OPC config) { _eventLog = log; _client.ApplicationName = AppDomain.CurrentDomain.FriendlyName; _client.ApplicationUri = new Uri($"urn::{AppDomain.CurrentDomain.FriendlyName}"); _client.SessionName = "Server Monitoring"; _client.ServerAddress = new Uri($"opc.tcp:\\\\{config.ServerAddress}:{config.ServerPort}"); if (!File.Exists(AppDomain.CurrentDomain.BaseDirectory + "Settings\\OpcConfiguration\\config.xml")) { if (config.Auth.AnonymousLogin != null && config.Auth.AnonymousLogin == false) { try { // Default: ".\CertificateStores\Trusted" _client.CertificateStores.ApplicationStore.Path = AppDomain.CurrentDomain.BaseDirectory + "Settings\\App Certificates"; if (!Directory.Exists(_client.CertificateStores.ApplicationStore.Path)) { Directory.CreateDirectory(_client.CertificateStores.ApplicationStore.Path); } // Default: ".\CertificateStores\Rejected" _client.CertificateStores.RejectedStore.Path = AppDomain.CurrentDomain.BaseDirectory + "Settings\\Rejected Certificates"; if (!Directory.Exists(_client.CertificateStores.RejectedStore.Path)) { Directory.CreateDirectory(_client.CertificateStores.RejectedStore.Path); } // Default: ".\CertificateStores\Trusted" _client.CertificateStores.TrustedIssuerStore.Path = AppDomain.CurrentDomain.BaseDirectory + "Settings\\Trusted Issuer Certificates"; if (!Directory.Exists(_client.CertificateStores.TrustedIssuerStore.Path)) { Directory.CreateDirectory(_client.CertificateStores.TrustedIssuerStore.Path); } // Default: ".\CertificateStores\Trusted" _client.CertificateStores.TrustedPeerStore.Path = AppDomain.CurrentDomain.BaseDirectory + "Settings\\Trusted Peer Certificates"; if (!Directory.Exists(_client.CertificateStores.TrustedPeerStore.Path)) { Directory.CreateDirectory(_client.CertificateStores.TrustedPeerStore.Path); } var certificate = OpcCertificateManager.CreateCertificate(_client); _client.CertificateStores.ApplicationStore.Add(certificate); _client.Certificate = certificate; OpcCertificateManager.SaveCertificate("Certificate", certificate); _client.Security.UserIdentity = new OpcClientIdentity(config.Auth.Username, config.Auth.Password); _client.Security.EndpointPolicy = new OpcSecurityPolicy(OpcSecurityMode.SignAndEncrypt, OpcSecurityAlgorithm.Auto); _client.Security.VerifyServersCertificateDomains = true; _client.Security.AutoAcceptUntrustedCertificates = true; _client.CertificateValidationFailed += ClientOnCertificateValidationFailed; } catch (Exception e) { _eventLog.WriteEntry($"Error with OPC Certification.\n{e.Message}\n\n{e.InnerException}\n\n{e.StackTrace}", EventLogEntryType.Error, (int)EventIds.Ids.OpcCertificateError); Environment.Exit(1); } } else { _client.Security.AutoAcceptUntrustedCertificates = true; } _client.Configuration.ApplicationName = _client.ApplicationName; _client.Configuration.ApplicationType = ApplicationType.Client; _client.Configuration.ApplicationUri = _client.ApplicationUri.AbsoluteUri; _client.Configuration.CertificateValidator = new CertificateValidator(); _client.Configuration.ClientConfiguration.DefaultSessionTimeout = 10; _client.Configuration.ProductUri = _client.ApplicationName; _client.Configuration.Validate(); if (!Directory.Exists(AppDomain.CurrentDomain.BaseDirectory + "Settings\\OpcConfiguration")) { Directory.CreateDirectory(AppDomain.CurrentDomain.BaseDirectory + "Settings\\OpcConfiguration"); } _client.Configuration.SaveToFile(AppDomain.CurrentDomain.BaseDirectory + "Settings\\OpcConfiguration\\config.xml"); } else { _client.Configuration = OpcApplicationConfiguration.LoadClientConfigFile(AppDomain.CurrentDomain.BaseDirectory + "Settings\\OpcConfiguration\\config.xml"); if (config.Auth.AnonymousLogin != null && config.Auth.AnonymousLogin == false) { try { // Default: ".\CertificateStores\Trusted" _client.CertificateStores.ApplicationStore.Path = AppDomain.CurrentDomain.BaseDirectory + "Settings\\App Certificates"; var certPath = _client.CertificateStores.ApplicationStore.Path + $"\\private\\{_client.ApplicationName} [{_client.Configuration.SecurityConfiguration.ApplicationCertificate.Thumbprint}].pfx"; _client.Certificate = OpcCertificateManager.LoadCertificate(certPath); _client.CertificateStores.RejectedStore.GetCertificates(); _client.CertificateStores.TrustedIssuerStore.GetCertificates(); _client.CertificateStores.TrustedPeerStore.GetCertificates(); _client.Security.UserIdentity = new OpcClientIdentity(config.Auth.Username, config.Auth.Password); _client.Security.EndpointPolicy = new OpcSecurityPolicy(OpcSecurityMode.SignAndEncrypt, OpcSecurityAlgorithm.Auto); _client.Security.VerifyServersCertificateDomains = true; _client.Security.AutoAcceptUntrustedCertificates = true; _client.CertificateValidationFailed += ClientOnCertificateValidationFailed; } catch (Exception e) { _eventLog.WriteEntry($"Error with OPC Certification.\n{e.Message}\n\n{e.StackTrace}\n\n{e.InnerException}", EventLogEntryType.Error, (int)EventIds.Ids.OpcCertificateError); Environment.Exit(1); } } else { _client.Security.AutoAcceptUntrustedCertificates = true; } } _client.Connect(); }