aboutsummaryrefslogtreecommitdiffstats
path: root/readme.md
diff options
context:
space:
mode:
Diffstat (limited to 'readme.md')
-rw-r--r--readme.md22
1 files changed, 13 insertions, 9 deletions
diff --git a/readme.md b/readme.md
index 4156e51..bb99256 100644
--- a/readme.md
+++ b/readme.md
@@ -25,8 +25,11 @@ cd opcua_c
### Generate certificates
-The programs use TLS certificates for mutual authentication. Four identities
-are needed — run these from the project root:
+The programs use TLS certificates for mutual authentication. ServerLDS and
+ServerRegister can also run without certificates (SecurityPolicy#None only) by
+omitting the `certificate`, `privateKey`, and `trustStore` keys from their
+config files. For encrypted operation, four identities are needed — run these
+from the project root:
```sh
tools/generate_certificate.sh certs ServerLDS
@@ -37,22 +40,22 @@ tools/generate_certificate.sh certs ClientFindServers
### Populate the trust stores
-Each program trusts a specific set of peers. Copy the certificates into the
-trust store directories so they can find each other:
+Each program trusts a specific set of peers. Create symlinks to the
+certificates in the trust store directories so they can find each other:
```sh
mkdir -p certs/trust/{server_lds,server_register,server_register_client,client}
-cp certs/ServerRegisterClient_cert.der certs/ClientFindServers_cert.der \
+ln -s ../../ServerRegisterClient_cert.der ../../ClientFindServers_cert.der \
certs/trust/server_lds/
-cp certs/ServerLDS_cert.der certs/ClientFindServers_cert.der \
+ln -s ../../ServerLDS_cert.der ../../ClientFindServers_cert.der \
certs/trust/server_register/
-cp certs/ServerLDS_cert.der \
+ln -s ../../ServerLDS_cert.der \
certs/trust/server_register_client/
-cp certs/ServerLDS_cert.der certs/ServerRegister_cert.der \
+ln -s ../../ServerLDS_cert.der ../../ServerRegister_cert.der \
certs/trust/client/
```
@@ -93,10 +96,11 @@ All three programs accept an optional log level as the last argument
## Tests
-Integration tests exercise four combinations of security and authentication:
+Integration tests exercise five combinations of security and authentication:
| Test | Security | Auth |
|------|----------|------|
+| `nosec_anon` | LDS unsecured / None | anonymous |
| `none_anon` | None | anonymous |
| `none_user` | None | user/password |
| `basic256sha256_anon` | SignAndEncrypt / Basic256Sha256 | anonymous |