Comments (4)
Hello charlesaugustineabb,
a self-signed certificate cannot be revoked. Only a certificate signed by a CA or intermediate CA can be revoked, and the revocation list has to be signed by the CA which has signed the certificate.
How to replace a revoked certificate depends on how you have set up your PKI. The server can create a new key pair and then a signing request which has to be sent to a CA for signing (the CA does not need to know the private key, only the public one), or you can delegate certificate creation entirely to the CA and then transfer the certificate to the server (in this case the private key will be known to the entity which creates it, of course - some people think that this is bad and should not be done this way).
Whether the server knows that it needs a new certificate depends on whether the server verifies its own certificate and includes a CRL check. Since one common use case is using the Microsoft Certificate store for the application certificate, and since this, until recently, did not support CRL checks, the server would not get to know its revocation in this scenario. (For other scenarios (Linux, Mac, or Windows with file based certificate store) I -- or you -- have to check the source code whether the server verifies its own certificates).
from ua-.netstandard.
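The two steps described in the comment above (checking the server's own certificate for revocation, then generating a new key pair and signing request locally) can be sketched with the .NET base class library alone. This is an added example, not code from the thread or from the OPC UA stack; the class and method names are hypothetical, and the revocation check assumes the certificate carries a CRL distribution point that the host can reach.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

// Hypothetical helper for illustration; it does not call any OPC UA stack API.
public static class OwnCertificateCheck
{
    // Subject == issuer: no CA sits above this certificate, so no CRL can list it.
    public static bool IsSelfIssued(X509Certificate2 cert) =>
        cert.SubjectName.RawData.SequenceEqual(cert.IssuerName.RawData);

    // true = revoked, false = CRL consulted and certificate not listed,
    // null = no verdict (self-issued, or the CRL could not be obtained).
    public static bool? IsRevoked(X509Certificate2 cert)
    {
        if (IsSelfIssued(cert)) return null;
        using var chain = new X509Chain();
        chain.ChainPolicy.RevocationMode = X509RevocationMode.Online;
        chain.ChainPolicy.RevocationFlag = X509RevocationFlag.EndCertificateOnly;
        chain.Build(cert); // result ignored: only revocation flags matter here
        var flags = chain.ChainStatus.Aggregate(
            X509ChainStatusFlags.NoError, (acc, s) => acc | s.Status);
        if (flags.HasFlag(X509ChainStatusFlags.Revoked)) return true;
        var unknown = X509ChainStatusFlags.RevocationStatusUnknown
                    | X509ChainStatusFlags.OfflineRevocation;
        return (flags & unknown) != 0 ? (bool?)null : false;
    }

    // The new key pair is generated on the server. Only the PKCS#10 request
    // (public key plus a signature proving possession) is sent to the CA.
    public static byte[] CreateRenewalRequest(X509Certificate2 old, out RSA newKey)
    {
        newKey = RSA.Create(2048);
        var request = new CertificateRequest(
            old.SubjectName, newKey, HashAlgorithmName.SHA256,
            RSASignaturePadding.Pkcs1);
        // Carry over subjectAltName (OID 2.5.29.17) so the request
        // describes the same application identity as the old certificate.
        foreach (X509Extension ext in old.Extensions)
            if (ext.Oid?.Value == "2.5.29.17")
                request.CertificateExtensions.Add(ext);
        return request.CreateSigningRequest(); // DER-encoded PKCS#10
    }
}
```

A `null` result from `IsRevoked` should be treated as "unknown" rather than "valid"; whether the CA accepts the requested extensions is up to the CA's policy.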
Hello @ThomasNehring
In my case I have a GDS and a CA to sign the certificates of my applications.
I would like to know whether the foundation's Server SDK/framework provides the feature below:
- If the server's own certificate is revoked, the server SDK/framework can create a new key pair or a self-signed certificate after deleting the existing signed certificate (its own, which is revoked), with an external request or without.
If not, I may need to think about implementing the same in server-specific code.