The parameter ClientCipherSuite defines the DTLS 1.3 cipher suite that is used for data security of the PubSub communication. Supported cipher suites are described in Part 7. This is the cipher suite sent from the client-side in the DTLS handshake.

Note that the cipher suite describes the data encryption and data authenticity algorithms used. Key agreement and certificate signature algorithms are designated via the OPC UA Client Server Security Policy.

The client cipher suite is configured at the PubSubConnection level. This parameter denotes the single cipher suite that the DTLS client will offer in the DTLS handshake. This cipher suite must match a cipher suite entry configured in ServerCipherSuites for the server side of the DTLS handshake. If this variable is not configured (e.g. set to the null string) then for a given PubSubConnection the device is meant to act as a server.