splatch commented on issue #1844: URL: https://github.com/apache/plc4x/issues/1844#issuecomment-2433855130
Hello @sciortid, All security policies defined by spec are covered, with a small note of bug fixed in 0.13-SNAPSHOT and discovered thanks to issue #1802. In 0.12 you need to make sure that both client and server certificates use same private key length. With regard to endpoint selection logic - you most likely need to define also message security (message-security=SIGN or SIGN_ENCRYPT) in order to use password authentication. I think spec mandates use of encryption in case of password authentication, however most of software servers are quite relaxed about that. There was small adjustment of endpoint selection logic in #1830, so 0.13-SNAPSHOT again might behave slightly different than 0.12. Later have a bug which could lead to incompatibilities with servers which defined multiple `UserTokenPolicy` with distinct identifiers. My advise is to try with develop (checkout project and do `mvn install -Pwith-java`) to see if its any better. If not, then please enable debug logging for `org.apache.plc4x.java.opcua.protocol` and attach logs generated by your application. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
