C# - OPC-UA server application has not been created PKI certificate in Linux machine

Question

When I run OPC-UA server C# application in windows machine then OPC-UA server has created a certificate path C:\ProgramData\OPC Foundation\pki\own and generates some certificates inside this path, but when I installed OPC-UA server in Linux machine then certificate path has not been created by server application and I am not getting any kind of error like access to the path denied. I am using below lines for creating certificate path in configuration file. Please help us.

<ApplicationCertificate>
            <StoreType>Directory</StoreType>
            <StorePath>%CommonApplicationData%\OPC Foundation\pki\own</StorePath>
            <SubjectName>CN=OPCUA Server, C=US, S=Arizona, O=OPC Foundation, DC=localhost</SubjectName>
</ApplicationCertificate>

Victor Pieper · Answer 1 · 2023-04-12T11:47:29.233

First of all on linux it is recommended to use: %LocalApplicationData%

ENM: System.Environment.SpecialFolder.LocalApplicationData
WIN: C:\Users\USER\AppData\Local
LIN: /home/USER/.local/share
OSX: /Users/USER/.local/share

If you run it as superuser /root/.local/share is the path.

If you run it as normal user /home/victor/.local/share

If you want to see the path of a special folder use this:

Console.WriteLine("My folder: " + Environment.GetFolderPath( Environment.SpecialFolder.LocalApplicationData));

Superuser path:

Normaluser path:

This might help you locate your folders.

Since I ran the program as superuser it is in the (USER)->root/.local/share You can only access this folder when logged in as root

Here is anotherone with normal user:

My Securityconfiguration (I made a client but I guess it is almost the same with server):

    SecurityConfiguration = new SecurityConfiguration
                {
                    ApplicationCertificate = new CertificateIdentifier { StoreType = @"Directory", StorePath = @"%LocalApplicationData%/OPCFoundation/CertificateStores/MachineDefault", SubjectName = "Mything" },
                    TrustedIssuerCertificates = new CertificateTrustList { StoreType = @"Directory", StorePath = @"%LocalApplicationData%/OPCFoundation/CertificateStores/UA Certificate Authorities" },
                    TrustedPeerCertificates = new CertificateTrustList { StoreType = @"Directory", StorePath = @"%LocalApplicationData%/OPCFoundation/CertificateStores/UA Applications" },
                    RejectedCertificateStore = new CertificateTrustList { StoreType = @"Directory", StorePath = @"%LocalApplicationData%/OPCFoundation/CertificateStores/RejectedCertificates" },
                    AutoAcceptUntrustedCertificates = true,
                    AddAppCertToTrustedStore = true
                },

This code will create the certificate on runtime:

application.CheckApplicationInstanceCertificate(false, 2048).GetAwaiter().GetResult();

when I am using Backslash in path `%LocalApplicationData%\OPCFoundation\pki\own` then application running fine but certificate path not created, but when I used forward slash in path `%LocalApplicationData%/OPCFoundation/pki/own` then getting error `(Access to the path '/OPCFoundation/pki/own' is denied.)` — Md Shahnewaz, Apr 06 '23 at 11:29
@MdShahnewaz what kinda of os are you using? ubuntu? and with desktopview? — Victor Pieper, Apr 06 '23 at 11:57
`sudo chmod -R 777 /home` you can try giving the folder and subfolders read,write access for all users. — Victor Pieper, Apr 06 '23 at 12:27
I gave read, write access to all folder and subfolders still certificate creation is not happening for us. — Md Shahnewaz, Apr 11 '23 at 05:19
@MdShahnewaz I don't know furthermore, just make sure all the settings are right. — Victor Pieper, Apr 11 '23 at 12:34

C# - OPC-UA server application has not been created PKI certificate in Linux machine

1 Answers1

Linked