aboutsummaryrefslogtreecommitdiffstats
path: root/config
diff options
context:
space:
mode:
Diffstat (limited to 'config')
-rw-r--r--config/client.conf23
-rw-r--r--config/client_find_servers.conf50
-rw-r--r--config/server_lds.conf5
-rw-r--r--config/server_register.conf54
-rw-r--r--config/server_register_client.conf26
5 files changed, 67 insertions, 91 deletions
diff --git a/config/client.conf b/config/client.conf
new file mode 100644
index 0000000..1d3fe1b
--- /dev/null
+++ b/config/client.conf
@@ -0,0 +1,23 @@
+# Client configuration
+#
+# Keys:
+# applicationUri OPC UA application URI
+# certificate Path to client certificate (.der)
+# privateKey Path to client private key (.der)
+# securityMode None, Sign, or SignAndEncrypt
+# securityPolicy None, Basic256Sha256, Aes256_Sha256_RsaPss,
+# Aes128_Sha256_RsaOaep, or ECC_nistP256
+# authMode "anonymous" or "user" (read-time only)
+# username Username (required when authMode = user)
+# password Password (required when authMode = user)
+# trustStore Directory containing trusted certificates (.der)
+
+applicationUri = urn:bobink.ClientFindServers
+certificate = certs/ClientFindServers_cert.der
+privateKey = certs/ClientFindServers_key.der
+securityMode = SignAndEncrypt
+securityPolicy = Aes256_Sha256_RsaPss
+authMode = user
+username = user
+password = password
+trustStore = certs/trust/client
diff --git a/config/client_find_servers.conf b/config/client_find_servers.conf
deleted file mode 100644
index 5ab15d5..0000000
--- a/config/client_find_servers.conf
+++ /dev/null
@@ -1,50 +0,0 @@
-# ClientFindServers configuration
-#
-# Shared keys:
-# discoveryEndpoint LDS endpoint URL (e.g. opc.tcp://localhost:4840)
-# applicationUri OPC UA application URI
-#
-# Discovery-side keys (LDS connection):
-# discoveryCertificate Path to certificate for LDS connections (.der)
-# discoveryPrivateKey Path to private key for LDS connections (.der)
-# discoverySecurityMode None, Sign, or SignAndEncrypt
-# discoverySecurityPolicy None, Basic256Sha256, Aes256_Sha256_RsaPss,
-# Aes128_Sha256_RsaOaep, or ECC_nistP256
-# discoveryAuthMode "anonymous" or "user"
-# discoveryUsername Username (required when discoveryAuthMode = user)
-# discoveryPassword Password (required when discoveryAuthMode = user)
-# discoveryTrustList Trusted certificate path (repeat for multiple)
-#
-# Server-side keys (connections to discovered servers):
-# serverCertificate Path to certificate for server connections (.der)
-# serverPrivateKey Path to private key for server connections (.der)
-# serverSecurityMode None, Sign, or SignAndEncrypt
-# serverSecurityPolicy None, Basic256Sha256, Aes256_Sha256_RsaPss,
-# Aes128_Sha256_RsaOaep, or ECC_nistP256
-# serverAuthMode "anonymous" or "user"
-# serverUsername Username (required when serverAuthMode = user)
-# serverPassword Password (required when serverAuthMode = user)
-# serverTrustList Trusted certificate path (repeat for multiple)
-
-discoveryEndpoint = opc.tcp://localhost:4840
-applicationUri = urn:bobink.ClientFindServers
-
-# Discovery (LDS) side
-discoveryCertificate = certs/ClientFindServers_cert.der
-discoveryPrivateKey = certs/ClientFindServers_key.der
-discoverySecurityMode = SignAndEncrypt
-discoverySecurityPolicy = Aes256_Sha256_RsaPss
-discoveryAuthMode = user
-discoveryUsername = user
-discoveryPassword = password
-discoveryTrustList = certs/ServerLDS_cert.der
-
-# Server side
-serverCertificate = certs/ClientFindServers_cert.der
-serverPrivateKey = certs/ClientFindServers_key.der
-serverSecurityMode = SignAndEncrypt
-serverSecurityPolicy = Aes256_Sha256_RsaPss
-serverAuthMode = user
-serverUsername = user
-serverPassword = password
-serverTrustList = certs/ServerRegister_cert.der
diff --git a/config/server_lds.conf b/config/server_lds.conf
index a30106c..7382dbe 100644
--- a/config/server_lds.conf
+++ b/config/server_lds.conf
@@ -9,7 +9,7 @@
# authMode "anonymous" or "user"
# username Username (required when authMode = user)
# password Password (required when authMode = user)
-# trustList Trusted certificate path (repeat for multiple)
+# trustStore Directory containing trusted certificates (.der)
port = 4840
applicationUri = urn:bobink.ServerLDS
@@ -21,5 +21,4 @@ authMode = user
username = user
password = password
-trustList = certs/ServerRegisterClient_cert.der
-trustList = certs/ClientFindServers_cert.der
+trustStore = certs/trust/server_lds
diff --git a/config/server_register.conf b/config/server_register.conf
index c32c61e..ddacbac 100644
--- a/config/server_register.conf
+++ b/config/server_register.conf
@@ -1,47 +1,25 @@
-# ServerRegister configuration
+# ServerRegister — server configuration
#
# Keys:
-# port Server port number
-# applicationUri OPC UA application URI
-# serverCertificate Path to server certificate (.der)
-# serverPrivateKey Path to server private key (.der)
-# clientCertificate Path to client certificate for LDS connection (.der)
-# clientPrivateKey Path to client private key for LDS connection (.der)
-# discoveryEndpoint LDS endpoint URL (e.g. opc.tcp://localhost:4840)
-# registerInterval Seconds between re-registrations with the LDS
-# securityMode None, Sign, or SignAndEncrypt
-# securityPolicy None, Basic256Sha256, Aes256_Sha256_RsaPss,
-# Aes128_Sha256_RsaOaep, or ECC_nistP256
-# serverAuthMode Auth mode for clients connecting to this server:
-# "anonymous" or "user"
-# serverUsername Username (required when serverAuthMode = user)
-# serverPassword Password (required when serverAuthMode = user)
-# clientAuthMode Auth mode for connecting to the LDS:
-# "anonymous" or "user"
-# clientUsername Username (required when clientAuthMode = user)
-# clientPassword Password (required when clientAuthMode = user)
-# trustList Trusted certificate path (repeat for multiple)
+# port Server port number
+# applicationUri OPC UA application URI
+# certificate Path to server certificate (.der)
+# privateKey Path to server private key (.der)
+# registerInterval Seconds between re-registrations with the LDS
+# authMode "anonymous" or "user"
+# username Username (required when authMode = user)
+# password Password (required when authMode = user)
+# trustStore Directory containing trusted certificates (.der)
port = 4841
applicationUri = urn:bobink.ServerRegister
-serverCertificate = certs/ServerRegister_cert.der
-serverPrivateKey = certs/ServerRegister_key.der
-clientCertificate = certs/ServerRegisterClient_cert.der
-clientPrivateKey = certs/ServerRegisterClient_key.der
+certificate = certs/ServerRegister_cert.der
+privateKey = certs/ServerRegister_key.der
-discoveryEndpoint = opc.tcp://localhost:4840
registerInterval = 10
-securityMode = SignAndEncrypt
-securityPolicy = Aes256_Sha256_RsaPss
+authMode = user
+username = user
+password = password
-serverAuthMode = user
-serverUsername = user
-serverPassword = password
-
-clientAuthMode = user
-clientUsername = user
-clientPassword = password
-
-trustList = certs/ServerLDS_cert.der
-trustList = certs/ClientFindServers_cert.der
+trustStore = certs/trust/server_register
diff --git a/config/server_register_client.conf b/config/server_register_client.conf
new file mode 100644
index 0000000..e4598a9
--- /dev/null
+++ b/config/server_register_client.conf
@@ -0,0 +1,26 @@
+# ServerRegister — client configuration for LDS registration
+#
+# Keys:
+# applicationUri OPC UA application URI
+# certificate Path to client certificate (.der)
+# privateKey Path to client private key (.der)
+# securityMode None, Sign, or SignAndEncrypt
+# securityPolicy None, Basic256Sha256, Aes256_Sha256_RsaPss,
+# Aes128_Sha256_RsaOaep, or ECC_nistP256
+# authMode "anonymous" or "user"
+# username Username (required when authMode = user)
+# password Password (required when authMode = user)
+# trustStore Directory containing trusted certificates (.der)
+
+applicationUri = urn:bobink.ServerRegister
+certificate = certs/ServerRegisterClient_cert.der
+privateKey = certs/ServerRegisterClient_key.der
+
+securityMode = SignAndEncrypt
+securityPolicy = Aes256_Sha256_RsaPss
+
+authMode = user
+username = user
+password = password
+
+trustStore = certs/trust/server_register_client
generated by cgit v1.2.3 (git 2.46.0) at 2026-02-20 07:19:44 +0000