Add X509 certificate identity token authentication

Support authMode=cert alongside anonymous and user. The client reuses its application certificate as the X509 identity token (open62541 requires both to match). Server-side access control advertises the certificate token policy automatically when sessionPKI is configured.
author: Thomas Vanbesien <tvanbesi@proton.me> 2026-02-18 21:44:17 +0100
committer: Thomas Vanbesien <tvanbesi@proton.me> 2026-02-18 21:44:17 +0100
commit: deaabd1464784a6fddbfa9e1ac6cb0e1148a8c34 (patch)
tree: 93b6614e554db2e8c7ac0becfb0b8129ab49e141 /tests/secure_cert/server_register.conf
parent: 70381b3381d77845dbc04fd521b729b7098134a5 (diff)
download: BobinkCOpcUa-deaabd1464784a6fddbfa9e1ac6cb0e1148a8c34.tar.gz
BobinkCOpcUa-deaabd1464784a6fddbfa9e1ac6cb0e1148a8c34.zip
1 files changed, 13 insertions, 0 deletions
diff --git a/tests/secure_cert/server_register.conf b/tests/secure_cert/server_register.conf
new file mode 100644
index 0000000..ba6de55
--- /dev/null
+++ b/tests/secure_cert/server_register.conf
@@ -0,0 +1,13 @@
+# ServerRegister server config — test: secure_cert
+# Requires X509 certificate identity token for session auth.
+
+port = 14841
+applicationUri = urn:localhost:bobink:ServerRegister
+
+certificate = certs/ServerRegister_cert.der
+privateKey = certs/ServerRegister_key.der
+trustStore = certs/trust/server_register
+
+authMode = cert
+
+registerInterval = 10
author	Thomas Vanbesien <tvanbesi@proton.me>	2026-02-18 21:44:17 +0100
committer	Thomas Vanbesien <tvanbesi@proton.me>	2026-02-18 21:44:17 +0100
commit	deaabd1464784a6fddbfa9e1ac6cb0e1148a8c34 (patch)
tree	93b6614e554db2e8c7ac0becfb0b8129ab49e141 /tests/secure_cert/server_register.conf
parent	70381b3381d77845dbc04fd521b729b7098134a5 (diff)
download	BobinkCOpcUa-deaabd1464784a6fddbfa9e1ac6cb0e1148a8c34.tar.gz BobinkCOpcUa-deaabd1464784a6fddbfa9e1ac6cb0e1148a8c34.zip