Certificate management functions comprise the management and distribution of certificates and Trust Lists for OPC UA Applications. An application that provides the certificate management functions is called CertificateManager. GDS and CertificateManager will typically be combined in one application. The basic concepts regarding Certificate management are described in OPC 10000-2.
There are two primary models for Certificate management: pull and push management. In pull management, the application acts as a Client and uses the Methods on the CertificateManager to request and update Certificates and Trust Lists. The application is responsible for ensuring the Certificates and Trust Lists are kept up to date. In push management the application acts as a Server and exposes Methods which the CertificateManager can call to update the Certificates and Trust Lists as required.
The GDS is intended to work in conjunction with different Certificate Management services such as Active Directory. The GDS provides a standard OPC UA based information model that all OPC UA applications can support without needing to know the specifics of a particular Certificate Management system.
The CertificateManager shall support the following use cases:
- Provisioning (First time setup for a device/application);
- Renewal (Renewing expired or compromised certificates);
- Trust List Update (Updating the Trust Lists including the Revocation Lists);
- Revocation (Removing a device/application from the system). Although it is generally assumed that Client applications will use the Pull model and Server applications will use the Push model, this is not required.
During provisioning, the CertificateManager shall be able to operate in a mode where any Client is allowed to connect securely with any valid Certificate and user credentials are used to determine the rights a Client has; this eliminates the need to configure Trust Lists before connecting to the CertificateManager for provisioning.
Application vendors may decide to build the interaction with the CertificateManager as a separate component, e.g. as part of an administration application with access to the OPC UA configuration of this Application. This is transparent for the CertificateManager and will not be considered further in the rest of this chapter.
This standard does not define how to administer a CertificateManager but a CertificateManager shall provide an integrated system that includes both push and pull management.