2

我正在尝试为我与 UaExpert-Client 连接的“open62541”服务器实施加密。首先,我使用“create_self-signed.py”创建了自签名证书。在我使用输出路径的信息执行 .py 文件后,我得到了“server_cert.der”和“server_key.der”。我试图修改服务器配置,但我注意到我必须使用哪种方法。有人可以告诉我将这些“.der 文件”放在哪里以及我应该使用哪些方法来修改我的服务器配置?

4

1 回答 1

0

有一个关于如何使用加密的完整示例: https ://github.com/open62541/open62541/blob/master/examples/encryption/server_encryption.c

始终检查任何开源项目的示例目录。在那里你会发现很多不错的代码示例。

代码摘录在这里:

    /* Load certificate and private key */
    UA_ByteString certificate = loadFile(argv[1]);
    UA_ByteString privateKey = loadFile(argv[2]);

    /* Load the trustlist */
    size_t trustListSize = 0;
    if(argc > 3)
        trustListSize = (size_t)argc-3;
    UA_STACKARRAY(UA_ByteString, trustList, trustListSize);
    for(size_t i = 0; i < trustListSize; i++)
        trustList[i] = loadFile(argv[i+3]);

    /* Loading of a issuer list, not used in this application */
    size_t issuerListSize = 0;
    UA_ByteString *issuerList = NULL;

    /* Loading of a revocation list currently unsupported */
    UA_ByteString *revocationList = NULL;
    size_t revocationListSize = 0;

    UA_Server *server = UA_Server_new();
    UA_ServerConfig *config = UA_Server_getConfig(server);

    UA_StatusCode retval =
        UA_ServerConfig_setDefaultWithSecurityPolicies(config, 4840,
                                                       &certificate, &privateKey,
                                                       trustList, trustListSize,
                                                       issuerList, issuerListSize,
                                                       revocationList, revocationListSize);
于 2019-10-08T06:52:09.150 回答