PushManagement is targeted at applications that can be configured with a CertificateManager or agent acting as a Client. The Methods defined in 7.10 are used to create a CertificateRequest which can be passed on to the registration authority managed by the CertificateManager. After the registration authority signs the Certificate, the new Certificate is pushed to the Server with the UpdateCertificate Method.
There are two use cases for PushManagement:
- Management of a Server via the ServerConfiguration Object (see 7.10.4);
- Management of a Server, Client or non-OPC UA application via an ApplicationConfiguration Object (see 7.10.16).
The second use case requires a Server acting as a proxy for the application being managed.
The interactions between an Application and CertificateManager during PushManagement are illustrated in Figure 14.
Figure 14 – The Push Certificate Management Model
The Administration Component may be part of the CertificateManager or a standalone utility that uses OPC UA to communicate with the CertificateManager (see 7.3 for a more complete description of the interactions required for this use case). The Configuration Database is used by the Server to persist its configuration information. The RegisterApplication Method (or internal equivalent) is assumed to have been called before the sequence in the diagram starts.
A similar process is used to renew Certificates or to periodically update the TrustList. In Figure 14 the TrustList update is shown to happen first. This is necessary to ensure any CRLs are provided to the Server before the new Certificate is updated. The TrustList update may be skipped if the current TrustList already allows the Server to validate the new Certificate.
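The Figure 14 order (CreateSigningRequest, signing by the CertificateManager, TrustList update carrying the CA and its CRL, then UpdateCertificate) as an added Python model; this is illustration code, not part of the specification or of any OPC UA stack, and the class and method names are assumptions for the model rather than the Methods of 7.10.

```python
from dataclasses import dataclass, field

# Modelled objects for illustration; not the types or Methods of any OPC UA stack.
@dataclass(frozen=True)
class Certificate:
    subject: str   # ApplicationUri of the holder
    issuer: str    # CA that signed it
    serial: int

@dataclass
class TrustList:
    trusted_issuers: set = field(default_factory=set)
    revoked: set = field(default_factory=set)   # (issuer, serial) entries taken from CRLs

    def validates(self, cert):
        return cert.issuer in self.trusted_issuers and (cert.issuer, cert.serial) not in self.revoked

class Server:
    # Server side: the ServerConfiguration Methods reduced to plain calls (assumed names).
    def __init__(self, app_uri, trust_list):
        self.app_uri, self.trust_list, self.certificate = app_uri, trust_list, None
    def create_signing_request(self):
        return self.app_uri          # the CSR is modelled as the subject it asks for
    def update_trust_list(self, trust_list):
        self.trust_list = trust_list
    def update_certificate(self, cert):
        # A Certificate the Server cannot validate with its current TrustList is rejected.
        if cert.subject != self.app_uri or not self.trust_list.validates(cert):
            raise ValueError("new Certificate cannot be validated with the current TrustList")
        self.certificate = cert

class CertificateManager:
    # Registration authority: signs CSRs and publishes the CA plus its CRL as a TrustList.
    def __init__(self, ca_name):
        self.ca_name, self.next_serial, self.revoked = ca_name, 1, set()
    def sign(self, csr_subject):
        self.next_serial += 1
        return Certificate(csr_subject, self.ca_name, self.next_serial - 1)
    def current_trust_list(self):
        return TrustList({self.ca_name}, {(self.ca_name, s) for s in self.revoked})

def push_management(server, cm):
    # Figure 14 order; the TrustList step is skipped only when the Server already
    # validates the new Certificate. Returns True when the TrustList was pushed.
    cert = cm.sign(server.create_signing_request())
    trust_list_pushed = not server.trust_list.validates(cert)
    if trust_list_pushed:
        server.update_trust_list(cm.current_trust_list())
    server.update_certificate(cert)
    return trust_list_pushed
```

Pushing the Certificate before the TrustList fails in the model for the same reason the text gives: the Server has no basis to validate it yet.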
Security when using the PushManagement model requires an encrypted channel and a Client with access to the SecurityAdmin Role. For example, the SecurityAdmin Role could be mapped to user credentials for an administrator or to an ApplicationInstance Certificate issued to a configuration tool. OPC 10000-21 defines a mechanism to install administrative Client Certificates into the Server TrustList.