The AddCertificate Method allows a Client to add a single Certificate to the Trust List. The Server shall verify that the Certificate is valid according to the rules defined in OPC 10000-4. If an invalid Certificate is found the Server shall return an error and shall not update the Trust List.
If the Certificate is issued by a CA then the Client shall provide the entire chain in the certificate argument (see OPC 10000-6). After validating the Certificate, the Server shall add the CA Certificates to the Issuers list in the Trust List. The leaf Certificate is added to the list specified by the isTrustedCertificate argument.
This method cannot be called if the file object is open.
AddCertificate(
[in] ByteString certificate
[in] Boolean isTrustedCertificate
);
| Argument | Description |
|---|---|
| Certificate | The DER encoded Certificate to add. |
| isTrustedCertificate | If TRUE the Certificate is added to the Trusted Certificates List. If FALSE the Certificate is added to the Issuer Certificates List. |
Method Result Codes (defined in Call Service)
| Result Code | Description |
|---|---|
| Bad_UserAccessDenied | The current user does not have the rights required. |
| Bad_CertificateInvalid | The certificate to add is invalid. |
| Bad_InvalidState | The object is opened. |
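The rules and result codes above can be modelled as a server-side handler. This is an added example, not code from the specification or from any OPC UA SDK: `TrustList`, `split_der_chain`, `add_certificate`, `user_ok` and the `validate` callback are hypothetical names, and `validate` stands in for the OPC 10000-4 validation rules. It assumes the chain arrives as concatenated DER blobs with the leaf first.

```python
# Added example: models the AddCertificate rules; not a real OPC UA SDK API.
class TrustList:
    def __init__(self):
        self.trusted, self.issuers = [], []
        self.is_open = False  # True while the TrustList file object is open

def split_der_chain(blob):
    """Split concatenated DER certificates (assumed leaf first) into a list."""
    certs, pos = [], 0
    while pos < len(blob):
        if blob[pos] != 0x30 or pos + 2 > len(blob):   # each cert is a SEQUENCE
            raise ValueError("not a DER SEQUENCE")
        first = blob[pos + 1]
        if first < 0x80:                                # short-form length
            hdr, length = 2, first
        else:                                           # long-form length
            n = first & 0x7F
            if n == 0 or n > 4 or pos + 2 + n > len(blob):
                raise ValueError("bad DER length")
            hdr, length = 2 + n, int.from_bytes(blob[pos + 2:pos + 2 + n], "big")
        end = pos + hdr + length
        if end > len(blob):
            raise ValueError("truncated certificate")
        certs.append(blob[pos:end])
        pos = end
    if not certs:
        raise ValueError("empty certificate argument")
    return certs

def add_certificate(tl, certificate, is_trusted, user_ok, validate):
    """Return a result code name; `validate` stands in for the OPC 10000-4 checks."""
    if not user_ok:
        return "Bad_UserAccessDenied"
    if tl.is_open:
        return "Bad_InvalidState"
    try:
        chain = split_der_chain(certificate)
    except ValueError:
        return "Bad_CertificateInvalid"
    if not all(validate(c) for c in chain):
        return "Bad_CertificateInvalid"      # nothing has been written yet
    leaf, cas = chain[0], chain[1:]
    tl.issuers += [c for c in cas if c not in tl.issuers]
    target = tl.trusted if is_trusted else tl.issuers
    if leaf not in target:
        target.append(leaf)
    return "Good"

# Constructed sample: two minimal DER SEQUENCEs standing in for leaf + CA.
LEAF, CA = b"\x30\x03\x02\x01\x01", b"\x30\x81\x80" + bytes(128)
```

The whole chain is validated before either list is touched, so a failure on any element leaves the Trust List unchanged.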
Table 16 specifies the AddressSpace representation for the AddCertificate Method.
Table 16 – AddCertificate Method AddressSpace Definition
| Attribute | Value | | | | |
|---|---|---|---|---|---|
| BrowseName | AddCertificate | | | | |
| References | NodeClass | BrowseName | DataType | TypeDefinition | ModellingRule |
| HasProperty | Variable | InputArguments | Argument[] | PropertyType | Mandatory |