UpdateCertificate is used to update a Certificate for a Server.

There are the following three use cases for this Method:

The Server shall do all normal integrity checks on the Certificate and all of the issuer Certificates. If errors occur the Bad_SecurityChecksFailed error is returned.

The Server shall report an error if the public key does not match the existing Certificate and the privateKey was not provided.

If the Server returns applyChangesRequired =FALSE then it is indicating that it is able to satisfy the requirements specified for the ApplyChanges Method.

This Method shall be called from an encrypted SecureChannel and from a Client that has access to the SecurityAdmin Role (see 7.2).

Signature

UpdateCertificate(

[in] NodeId certificateGroupId

[in] NodeId certificateTypeId

[in] ByteString certificate

[in] ByteString[] issuerCertificates

[in] String privateKeyFormat

[in] ByteString privateKey

[out] Boolean applyChangesRequired

);

Argument

Description

certificateGroupId

The NodeId of the Certificate Group Object which is affected by the update.

If null the DefaultApplicationGroup is used.

certificateTypeId

The type of Certificate being updated. The set of permitted types is specified by the CertificateTypes Property belonging to the Certificate Group.

certificate

The DER encoded Certificate which replaces the existing Certificate.

issuerCertificates

The issuer Certificates needed to verify the signature on the new Certificate.

privateKeyFormat

The format of the Private Key (PKCS #12 encoded and PKCS #8 Base64 encoded DER (see RFC 5958) ). If the privateKey is not specified the privateKeyFormat is null or empty.

privateKey

The Private Key encoded in the privateKeyFormat.

applyChangesRequired

Indicates that the ApplyChanges Method shall be called before the new Certificate will be used.

Method Result Codes (defined in Call Service)

Result Code

Description

Bad_InvalidArgument

The certificateTypeId or certificateGroupId is not valid.

Bad_CertificateInvalid

The Certificate is invalid or the format is not supported.

Bad_NotSupported

The PrivateKey is invalid or the format is not supported.

Bad_UserAccessDenied

The current user does not have the rights required.

Bad_SecurityChecksFailed

Some failure occurred verifying the integrity of the Certificate.

Table 65 specifies the AddressSpace representation for the UpdateCertificate Method.

Table 65 – UpdateCertificate Method AddressSpace Definition

Attribute

Value

BrowseName

0:UpdateCertificate

References

NodeClass

BrowseName

DataType

TypeDefinition

ModellingRule

HasProperty

Variable

InputArguments

Argument[]

PropertyType

Mandatory

HasProperty

Variable

OutputArguments

Argument[]

PropertyType

Mandatory