Is-it possible in Eclipse Milo that a client connects to a server with this authentication parameters: "certificate + private key" ? And also with parameters "Security Policy" and "Message Security Mode" ?
(as in UAExpert client : http://documentation.unified-automation.com/uaexpert/1.4.0/html/connect.html)
If yes, then how?
I have at my disposal:
yes, it's currently possible although it's not made "easy" like using a username/password is right now.
The client SDK exposes an interface called IdentityProvider
which is delegated to while the client is connecting and is given the endpoint and server nonce. It returns a 2-tuple containing a UserIdentityToken
and a SignatureData
.
You would need to implement this interface for the X509IdentityToken
case and return your certificate (in the X509IdentityToken
) as well as proof that you have the key to it (in the SignatureData
).
Once you have this IdentityProvider
you would just tell the client to use it while you were configuring it by calling setIdentityProvider
when building the OpcUaClientConfig
object.
Since this is a bit burdensome and the point of an SDK is to relieve the user of burden I will make this a feature ticket for Milo as well. If you're not up to implementing it yourself I can get to it this week.