diff options
| author | Thomas Vanbesien <tvanbesi@proton.me> | 2026-02-18 21:44:17 +0100 |
|---|---|---|
| committer | Thomas Vanbesien <tvanbesi@proton.me> | 2026-02-18 21:44:17 +0100 |
| commit | deaabd1464784a6fddbfa9e1ac6cb0e1148a8c34 (patch) | |
| tree | 93b6614e554db2e8c7ac0becfb0b8129ab49e141 /src/client.c | |
| parent | 70381b3381d77845dbc04fd521b729b7098134a5 (diff) | |
| download | BobinkCOpcUa-deaabd1464784a6fddbfa9e1ac6cb0e1148a8c34.tar.gz BobinkCOpcUa-deaabd1464784a6fddbfa9e1ac6cb0e1148a8c34.zip | |
Add X509 certificate identity token authentication
Support authMode=cert alongside anonymous and user. The client
reuses its application certificate as the X509 identity token
(open62541 requires both to match). Server-side access control
advertises the certificate token policy automatically when
sessionPKI is configured.
Diffstat (limited to 'src/client.c')
| -rw-r--r-- | src/client.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/src/client.c b/src/client.c index 3d22a4d..f2166a6 100644 --- a/src/client.c +++ b/src/client.c @@ -233,9 +233,12 @@ main (int argc, char **argv) /* ---- Auth config (read-time only) ---- */ const char *username = NULL, *password = NULL; + UA_Boolean certAuth = false; if (op == OP_READ_TIME - && parseAuthConfig (&cfg, "Client", NULL, &username, &password) != 0) + && parseAuthConfig (&cfg, "Client", NULL, &username, &password, + &certAuth) + != 0) { configFree (&cfg); return EXIT_FAILURE; @@ -287,7 +290,7 @@ main (int argc, char **argv) UA_StatusCode retval = createSecureClientConfig ( UA_Client_getConfig (client), applicationUri, certPath, keyPath, - trustPaths, trustSize, secMode, secPolUri); + trustPaths, trustSize, secMode, secPolUri, certAuth); if (retval != UA_STATUSCODE_GOOD) { UA_Client_delete (client); |