7 Common parameter type definitions ToC Previous Next

7.3 ApplicationInstanceCertificate ToC Previous Next

An ApplicationInstanceCertificate is a ByteString containing an encoded Certificate. The encoding of an ApplicationInstanceCertificate depends on the security technology mapping and is defined completely in OPC 10000-6. Table 114 specifies the information that should be contained in an ApplicationInstanceCertificate.

Table 114 – ApplicationInstanceCertificate

Name Type Description
ApplicationInstanceCertificate structure ApplicationInstanceCertificate   with signature created by a Certificate Authority.
   version String An identifier for the version of the Certificate encoding.
   serialNumber ByteString A unique identifier for the Certificate assigned by the Issuer.
   signatureAlgorithm String    The algorithm used to sign the Certificate. The syntax of this field depends on the Certificate encoding.
   signature ByteString The signature created by the Issuer.
   issuer Structure A name that identifies the Issuer Certificate used to create the signature.
   validFrom UtcTime When the Certificate becomes valid.
   validTo UtcTime When the Certificate expires.
   subject Structure    A name that identifies the application instance that the Certificate describes.This field should contain the productName and the name of the organization responsible for the application instance.
   applicationUri String    The applicationUri specified in the ApplicationDescription.The ApplicationDescription is described in 7.2.
   hostnames [] String    The name of the machine where the application instance runs.   A machine may have multiple names if is accessible via multiple networks.   The hostname may be a numeric network address or a descriptive name.Server   Certificates   should have at least one hostname defined.
   publicKey ByteString The public key associated with the Certificate.
   keyUsage [] String    Specifies how the Certificate key may be used.   ApplicationInstanceCertificates   should support Digital Signature, Non-Repudiation Key Encryption, Data Encryption and Client/Server Authorization.The contents of this field depend on the Certificate encoding.

Previous Next