Certificate-based authentication is a technique that allows one machine to securely identify itself to another across a network
connection, using a certificate called a public-key certificate.
Prerequisites:
You need to have CA and Intermediate certificates to use in this procedure. Refer to Niagara Station Security Guide for instructions on creating and saving certificates.
Niagara 4.11 or later version is required to support client certificate authentication in the OpcUa Server driver.
Perform the following steps:
Import the CA and Intermediate certificates into the User Trust Store of Workbench.
Create a client certificate and sign the client certificate by any one of the CA or Intermediate certificates.
Export public key and private key of the client certificate.
For further communication with the server, send the public key and private key file to client. By default, the public key
is in PEM format. The client needs to convert the public key into the required format by using openssl command.
During certificate authentication, select the certificate which was used to sign the client certificate. The drop-down list
will only show the certificates which are available in User Trust Store of Workbench.