Professional OPC
Development Tools

logos

lupa

Online Forums

Technical support is provided through Support Forums below. Anybody can view them; you need to Register/Login to our site (see links in upper right corner) in order to Post questions. You do not have to be a licensed user of our product.

Please read Rules for forum posts before reporting your issue or asking a question. OPC Labs team is actively monitoring the forums, and replies as soon as possible. Various technical information can also be found in our Knowledge Base. For your convenience, we have also assembled a Frequently Asked Questions page.

Do not use the Contact page for technical issues.

  1. Forum
  3. Discussions
  5. QuickOPC-UA in .NET
  7. Connections, Reconnections, Certificates
  9. Permissions Required to Generate a Certificate

Permissions Required to Generate a Certificate

More
26 Jun 2014 11:19 #2048 by support
Replied by support on topic Permissions Required to Generate a Certificate
I will not pretend that I understand the details of all the security checks that are made during the process. The QuickOPC code basically calls a code based on the UA Stack and SDK from OPC Foundation, which in turn locates and runs the certificate generator.

My understanding is the same as you have described. The permissions needs to be such that the certificate generator can be found, and then executed, and such that the generated certificate can be stored to its target location (by default, one of the Windows certificate stores).

From what I know, this last step is probably the most sensitive one, and this requires the highest permissions, because it effectively changes the security of the system to trust more - in this case, so that certain apps will trust other apps that use the certificate.
The following user(s) said Thank You: cdunlap

Please Log in or Create an account to join the conversation.

More
25 Jun 2014 16:26 #2047 by cdunlap
Permissions Required to Generate a Certificate was created by cdunlap
Hi,

I know that it requires "administrative permissions" to be able to generate a certificate using the Certificate Generator.

Can you go into detail on exactly what permissions are involved? I assume the client needs access to the file system where the Generator is, and also to where it will store it. What else goes on "behind the scenes" when generating a client certificate?

I am trying to figure out the minimum level of access a client would need in order to be able to generate a certificate successfully.

Thanks for your input.

Please Log in or Create an account to join the conversation.

Moderators: support
  1. Forum
  3. Discussions
  5. QuickOPC-UA in .NET
  7. Connections, Reconnections, Certificates
  9. Permissions Required to Generate a Certificate
Time to create page: 0.050 seconds