This type defines an ObjectType which represents the configuration of a Server which supports PushManagement. Its values are defined in Table 64. There is always a well-known instance in the Server AddressSpace (see 7.10.3) that can be use to configure a Server.
Table 64 – ServerConfigurationType Definition
|
Attribute |
Value |
|||||
|
BrowseName |
0:ServerConfigurationType |
|||||
|
IsAbstract |
False |
|||||
|
References |
NodeClass |
BrowseName |
DataType |
Type Definition |
Modelling Rule |
|
|
Subtype of the BaseObjectType defined in OPC 10000-5. |
||||||
|
0:HasProperty |
Variable |
0:ApplicationUri |
0:UriString |
0:PropertyType |
Optional |
|
|
0:HasProperty |
Variable |
0:ProductUri |
0:UriString |
0:PropertyType |
Optional |
|
|
0:HasProperty |
Variable |
0:ApplicationType |
0:ApplicationType |
0:PropertyType |
Optional |
|
|
0:HasProperty |
Variable |
0:ApplicationNames |
0:LocalizedText[] |
0:PropertyType |
Optional |
|
|
0:HasProperty |
Variable |
0:ServerCapabilities |
0:String[] |
0:PropertyType |
Mandatory |
|
|
0:HasProperty |
Variable |
0:SupportedPrivateKeyFormats |
0:String[] |
0:PropertyType |
Mandatory |
|
|
0:HasProperty |
Variable |
0:MaxTrustListSize |
0:UInt32 |
0:PropertyType |
Mandatory |
|
|
0:HasProperty |
Variable |
0:MulticastDnsEnabled |
0:Boolean |
0:PropertyType |
Mandatory |
|
|
0:HasProperty |
Variable |
0:HasSecureElement |
0:Boolean |
0:PropertyType |
Optional |
|
|
0:HasProperty |
Variable |
0:SupportsTransactions |
0:Boolean |
0:PropertyType |
Optional |
|
|
0:HasProperty |
Variable |
0:InApplicationSetup |
0:Boolean |
0:PropertyType |
Optional |
|
|
0:HasComponent |
Method |
0:UpdateCertificate |
See 7.10.5. |
Mandatory |
||
|
0:HasComponent |
Method |
0:GetCertificates |
See 7.10.6. |
Optional |
||
|
0:HasComponent |
Method |
0:ApplyChanges |
See 7.10.7. |
Mandatory |
||
|
0:HasComponent |
Method |
0:CancelChanges |
See 7.10.9. |
Optional |
||
|
0:HasComponent |
Method |
0:CreateSigningRequest |
See 7.10.8. |
Mandatory |
||
|
0:HasComponent |
Method |
0:GetRejectedList |
See 7.10.10. |
Mandatory |
||
|
0:HasComponent |
Method |
0:ResetToServerDefaults |
See 7.10.11. |
Optional |
||
|
0:HasComponent |
Object |
0:CertificateGroups |
|
0:CertificateGroupFolderType |
Mandatory |
|
|
0:HasComponent |
Object |
0:TransactionDiagnostics |
|
0:TransactionDiagnosticsType |
Optional |
|
|
|
||||||
|
Conformance Units |
||||||
|
Push Model for Global Certificate and TrustList Management |
||||||
The CertificateGroups Object organizes the Certificate Groups supported by the Server. It is described in 7.8.4.6. Servers shall support the DefaultApplicationGroup and may support the DefaultHttpsGroup or the DefaultUserTokenGroup. Servers may support additional Certificate Groups depending on their requirements. For example, a Server with two network interfaces should have a different TrustList for each interface. The second TrustList would be represented as a new CertificateGroupType Object organized by CertificateGroups Folder.
The ApplicationUri Property specifies the ApplicationUri assigned to the Server. It can be updated by a Client with access to the SecurityAdmin Role.
The ApplicationNames Property is a list of localized names for the application that may be used to when registering with a GDS.
The ProductUri Property specifies the ProductUri for the Server that appears in the ApplicationDescription. It is read-only.
The ApplicationType Property specifies the ApplicationType for the Server that appears in the ApplicationDescription. It is read-only.
The ServerCapabilities Property specifies the capabilities from Annex D which the Server supports. The value is the same as the value reported to the LocalDiscoveryServer when the Server calls the RegisterServer2 Service.
The SupportedPrivateKeyFormats specifies the PrivateKey formats supported by the Server. Possible values include “PEM” (see RFC 5958) or “PFX” (see PKCS #12). The array is empty if the Server does not allow external Clients to update the PrivateKey.
The MaxTrustListSize is the maximum size of the TrustList in bytes. 0 means no limit. The default is 65 535 bytes.
If MulticastDnsEnabled is TRUE then the Server announces itself using multicast DNS. It can be changed by writing to the Variable.
If HasSecureElement is TRUE then the Server has access to hardware based secure storage for the PrivateKeys associated with its Certificates.
If the SupportsTransactions Property is TRUE, the Server supports the transaction lifecyle defined in 7.10.2. If it is FALSE or not present, the Server only supports delaying application of changes until ApplyChanges is called.
If the InApplicationSetup Property is TRUE then the Server is in the application setup state described in G.2.The UpdateCertificate Method is used to update a Certificate.
The GetCertificates Method returns the Certificates assigned to each of the CertificateTypes in a CertificateGroup.
The ApplyChanges Method is used complete changes made to CertificateGroups and/or TrustLists within the context of a transaction.
The CancelChanges Method is used to cancel an existing transaction.
The CreateSigningRequest Method asks the Server to create a PKCS #10 encoded Certificate Request that is signed with the Server’s private key.
The GetRejectedList Method returns the list of Certificates which have been rejected by the Server. It can be used to track activity or allow administrators to move a rejected Certificate into the TrustList. This Method is the a shortcut for the GetRejectedList Method (see 7.8.3.2) on the DefaultApplicationGroup CertificateGroup (see 7.8.3.3).
The ResetToServerDefaults Method is used reset the Server security configuration to a default state.
The TransactionDiagnostics Object reports detailed error information for the current or most recently completed transaction. The TransactionDiagnostics Object is only visible to Clients with access to the SecurityAdmin Role.