7.5.5 AddCertificate

The AddCertificate Method allows a Client to add a single Certificate to the Trust List. The Server shall verify that the Certificate is valid according to the rules defined in OPC 10000-4. If an invalid Certificate is found the Server shall return an error and shall not update the Trust List.

If the Certificate is issued by a CA then the Client shall provide the entire chain in the certificate argument (see OPC 10000-6). After validating the Certificate, the Server shall add the CA Certificates to the Issuers list in the Trust List. The leaf Certificate is added to the list specified by the isTrustedCertificate argument.

This method cannot be called if the file object is open.

AddCertificate(
[in] ByteString certificate
[in] Boolean isTrustedCertificate
);
| Argument | Description |
|---|---|
| certificate | The DER encoded Certificate to add. |
| isTrustedCertificate | If TRUE the Certificate is added to the Trusted Certificates List. If FALSE the Certificate is added to the Issuer Certificates List. |

Method Result Codes (defined in Call Service)

| Result Code | Description |
|---|---|
| Bad_UserAccessDenied | The current user does not have the rights required. |
| Bad_CertificateInvalid | The certificate to add is invalid. |
| Bad_InvalidState | The object is opened. |
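
The behaviour described above, modelled as an added Python example (not part of the specification and not code from any OPC UA stack): the chain is split, validated as a whole, and only then written to the lists, so a rejected call leaves the Trust List unchanged. Assumptions: the certificate argument holds concatenated DER Certificates with the leaf first, as OPC 10000-6 describes; `validate` stands in for the OPC 10000-4 checks; `TrustList`, `split_der_chain`, `user_allowed` and the order of the error checks are hypothetical choices of this example.

```python
from dataclasses import dataclass, field
GOOD, BAD_ACCESS = "Good", "Bad_UserAccessDenied"
BAD_INVALID, BAD_STATE = "Bad_CertificateInvalid", "Bad_InvalidState"
# Constructed placeholder blobs: valid DER framing, not real certificates.
LEAF = bytes([0x30, 0x03, 0x02, 0x01, 0x01])
CA = bytes([0x30, 0x81, 0x80]) + bytes(128)   # long-form length, 128 bytes

def split_der_chain(blob):
    """Split concatenated DER certificates (leaf first) into a list of blobs."""
    certs, pos = [], 0
    while pos < len(blob):
        if blob[pos] != 0x30 or pos + 2 > len(blob):  # each cert is a SEQUENCE
            raise ValueError("not a DER SEQUENCE")
        first = blob[pos + 1]
        n = first & 0x7F if first & 0x80 else 0       # long form: n length bytes
        if first & 0x80 and not 1 <= n <= 4:
            raise ValueError("unsupported DER length")
        length = int.from_bytes(blob[pos + 2:pos + 2 + n], "big") if n else first
        end = pos + 2 + n + length
        if end > len(blob):
            raise ValueError("truncated certificate")
        certs.append(blob[pos:end])
        pos = end
    return certs

@dataclass
class TrustList:                       # hypothetical in-memory Trust List
    trusted: list = field(default_factory=list)
    issuers: list = field(default_factory=list)
    file_open: bool = False

def add_certificate(tl, certificate, is_trusted, validate, user_allowed=True):
    """validate(chain) -> bool stands in for the OPC 10000-4 checks (assumption)."""
    if not user_allowed:
        return BAD_ACCESS
    if tl.file_open:                   # method is refused while the file is open
        return BAD_STATE
    try:
        chain = split_der_chain(certificate)
    except ValueError:
        return BAD_INVALID
    if not chain or not validate(chain):   # reject before touching either list
        return BAD_INVALID
    leaf, cas = chain[0], chain[1:]
    tl.issuers += [c for c in cas if c not in tl.issuers]   # CA certs -> Issuers
    target = tl.trusted if is_trusted else tl.issuers
    if leaf not in target:
        target.append(leaf)
    return GOOD
```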

Table 16 specifies the AddressSpace representation for the AddCertificate Method.

Table 16 – AddCertificate Method AddressSpace Definition

| Attribute | Value |
|---|---|
| BrowseName | AddCertificate |

| References | NodeClass | BrowseName | DataType | TypeDefinition | ModellingRule |
|---|---|---|---|---|---|
| HasProperty | Variable | InputArguments | Argument[] | PropertyType | Mandatory |
