Search

11 result(s) for Issuer

• OPC-10000-4 – OPC Unified Architecture - Part 4: Services
  6.1.3 Determining if a Certificate is trusted
  There are two separate lists: a list of trusted Certificates and a list of issuer Certificates (i.e. CAs). The list of trusted Certificates may contain a Certificate issued to another ... Application or it may be a Certificate belonging to a CA. The list of issuer Certificates contains CA Certificates needed for chain validation that are not in the list
• OPC-10000-4 – OPC Unified Architecture - Part 4: Services
  6.1.4 Creating a SecureChannel
  Certificate to the Certificate Revocation List (CRL) for the Issuer Certificate . Administrators may save a local copy of the CRL for each Issuer Certificate when online access is not available
• OPC-10000-4 – OPC Unified Architecture - Part 4: Services
  7.3 ApplicationInstanceCertificate
  Certificate encoding. serialNumber ByteString A unique identifier for the Certificate assigned by the Issuer. signatureAlgorithm String The algorithm used to sign the Certificate . The syntax of this field depends ... Certificate encoding. signature ByteString The signature created by the Issuer. issuer Structure A name that identifies the Issuer Certificate used to create the signature. validFrom UtcTime When the Certificate becomes
• OPC-10000-4 – OPC Unified Architecture - Part 4: Services
  7.38.2 Common StatusCodes
  Certificate chain is incomplete. Bad_CertificateIssuerRevocationUnknown It was not possible to determine if the Issuer Certificate has been revoked. Bad_CertificateIssuerUseNotAllowed The Issuer Certificate may not be used ... requested operation. Bad_CertificateIssuerTimeInvalid An Issuer Certificate has expired or is not yet valid. Bad_CertificateIssuerRevoked The Issuer Certificate has been revoked. Bad_CertificateInvalid The Certificate provided as a parameter
• OPC-10000-6 – OPC Unified Architecture - Part 6: Mappings
  6.1 Security Handshake and Security Policies
  issued Certificates shall be less than or equal to the key length of the issuer Certificate . See 6.2.6 for information on Certificate chains. The CertificateKeyAlgorithm and EphemeralKeyAlgorithm are used ... need to be supported for each SecurityPolicy . The CertificateSignatureAlgorithm applies the Certificate and all Issuer Certificates . If a CertificateSignatureAlgorithm allows for more than one algorithm then the algorithms are listed
• OPC-10000-6 – OPC Unified Architecture - Part 6: Mappings
  6.2.2 Application Instance Certificate
  version shall be "V3" serialNumber serialNumber The serial number assigned by the issuer. signatureAlgorithm signatureAlgorithm The algorithm used to sign the Certificate . signature signature The signature created ... Issuer. issuer issuer The distinguished name of the Certificate used to create the signature. The issuer field is completely described in IETF RFC 5280 . validity validTo, validFrom When the Certificate
• OPC-10000-6 – OPC Unified Architecture - Part 6: Mappings
  6.2.4 Issuer (CA) Certificates
  Issuer (CA) Certificates An Issuer or CA Certificate is an X.509 v3 Certificate that identifies an authority that issues Certificates . An Issuer Certificate may identify a root ... authority identified by an intermediate CA or root CA. The X.509 v3 fields in Issuer Certificates with specific requirements are shown in Table 52 . Table 52 - Issuer Certificate Field Description
• OPC-10000-6 – OPC Unified Architecture - Part 6: Mappings
  E.6 CertificateValidationOptions
  Ignore mismatches between the host name or ApplicationUri . SuppressRevocationStatusUnknown 2 Ignore errors if the issuer's revocation list cannot be found. CheckRevocationStatusOnline 3 Check the revocation status online ... CheckRevocationStatusOffline bit is set. Otherwise, validation fails. This option is specified for Issuer Certificates and used when validating Certificates issued by that Issuer. CheckRevocationStatusOffline 4 Check the revocation status offline
• OPC-10000-12 – OPC Unified Architecture - Part 12: Discovery and Global Services
  7.7.4 Update Single Certificate Workflow
  generate PrivateKeys . This step is skipped when this is the case. Request Certificate from Issuer. The CertificateManager requests a new Certificate from the Issuer . The CertificateManager generates a PrivateKey
• OPC-10000-21 – OPC Unified Architecture - Part 21: Device Onboarding
  6.1 Tickets
  signed with a Certificate issued to the Manufacturer by a well-known root CA. Issuer Certificates for Certificates used to sign Tickets shall have the cRLDistributionPoints or authorityInfoAccess extensions defined
• OPC-10000-21 – OPC Unified Architecture - Part 21: Device Onboarding
  8.2.6 CertificateAuthorityType
  Certificate used to issue Certificates. issuerCertificates 0:ByteString [] The DER encoded form of the Issuer for the authorityCertificate. It should include the entire chain. Its representation in the AddressSpace