diff options
| author | Thomas Vanbesien <tvanbesi@proton.me> | 2026-02-17 19:06:22 +0100 |
|---|---|---|
| committer | Thomas Vanbesien <tvanbesi@proton.me> | 2026-02-17 19:06:22 +0100 |
| commit | 827e90e0daabe32e058e08dd2a253425898a7e7a (patch) | |
| tree | ecd3f31da63890ac029b7929eade88f38e078b3d /config/server_register.conf | |
| parent | e4ba24b3d24fdce36bc9dbd3c2c8f00b0ec23335 (diff) | |
| download | BobinkCOpcUa-827e90e0daabe32e058e08dd2a253425898a7e7a.tar.gz BobinkCOpcUa-827e90e0daabe32e058e08dd2a253425898a7e7a.zip | |
Replace ClientFindServers with unified Client, use trust store directories
Replace the single-purpose ClientFindServers program with a unified Client
that supports three operations via CLI: find-servers, get-endpoints, and
read-time. This simplifies the architecture by using one client binary with
a single config file instead of a monolithic program that did everything in
one run.
Split the ServerRegister config into separate server and client config files
so the LDS-registration credentials are isolated from the server's own
settings. The discovery URL moves from config to a CLI argument.
Replace repeated trustList config entries with a single trustStore directory
path. Each program now points to a directory under certs/trust/ containing
.der files, so adding or removing trust is a file-copy operation rather than
editing every config file. Add loadTrustStore()/freeTrustStore() to
common.c and remove the now-unused configGetAll() from the config parser.
Simplify the test matrix from 6 to 4 cases (security and auth are
orthogonal, so the full 3x2 matrix is unnecessary). Update run_test.sh to
invoke the new Client three times and use port-polling instead of sleep.
Diffstat (limited to 'config/server_register.conf')
| -rw-r--r-- | config/server_register.conf | 54 |
1 files changed, 16 insertions, 38 deletions
diff --git a/config/server_register.conf b/config/server_register.conf index c32c61e..ddacbac 100644 --- a/config/server_register.conf +++ b/config/server_register.conf @@ -1,47 +1,25 @@ -# ServerRegister configuration +# ServerRegister — server configuration # # Keys: -# port Server port number -# applicationUri OPC UA application URI -# serverCertificate Path to server certificate (.der) -# serverPrivateKey Path to server private key (.der) -# clientCertificate Path to client certificate for LDS connection (.der) -# clientPrivateKey Path to client private key for LDS connection (.der) -# discoveryEndpoint LDS endpoint URL (e.g. opc.tcp://localhost:4840) -# registerInterval Seconds between re-registrations with the LDS -# securityMode None, Sign, or SignAndEncrypt -# securityPolicy None, Basic256Sha256, Aes256_Sha256_RsaPss, -# Aes128_Sha256_RsaOaep, or ECC_nistP256 -# serverAuthMode Auth mode for clients connecting to this server: -# "anonymous" or "user" -# serverUsername Username (required when serverAuthMode = user) -# serverPassword Password (required when serverAuthMode = user) -# clientAuthMode Auth mode for connecting to the LDS: -# "anonymous" or "user" -# clientUsername Username (required when clientAuthMode = user) -# clientPassword Password (required when clientAuthMode = user) -# trustList Trusted certificate path (repeat for multiple) +# port Server port number +# applicationUri OPC UA application URI +# certificate Path to server certificate (.der) +# privateKey Path to server private key (.der) +# registerInterval Seconds between re-registrations with the LDS +# authMode "anonymous" or "user" +# username Username (required when authMode = user) +# password Password (required when authMode = user) +# trustStore Directory containing trusted certificates (.der) port = 4841 applicationUri = urn:bobink.ServerRegister -serverCertificate = certs/ServerRegister_cert.der -serverPrivateKey = certs/ServerRegister_key.der -clientCertificate = certs/ServerRegisterClient_cert.der -clientPrivateKey = certs/ServerRegisterClient_key.der +certificate = certs/ServerRegister_cert.der +privateKey = certs/ServerRegister_key.der -discoveryEndpoint = opc.tcp://localhost:4840 registerInterval = 10 -securityMode = SignAndEncrypt -securityPolicy = Aes256_Sha256_RsaPss +authMode = user +username = user +password = password -serverAuthMode = user -serverUsername = user -serverPassword = password - -clientAuthMode = user -clientUsername = user -clientPassword = password - -trustList = certs/ServerLDS_cert.der -trustList = certs/ClientFindServers_cert.der +trustStore = certs/trust/server_register |