View Issue Details

IDProjectCategoryView StatusLast Update
000345510000-006: MappingsSpecpublic2016-12-06 17:59
ReporterThomas Merk Assigned Torandyarmstrong  
PrioritynormalSeverityminorReproducibilityhave not tried
Status closedResolutionfixed 
Summary0003455: HTTPS without certificates cannot use SSL
Description

It is stated in 1.03 part 6 - 7.3.1:

HTTPS allows Clients to have certificates; however, they are not required by the HTTPS transport. A Server shall allow Clients to connect without an HTTPS Certificate.

How can a client use HTTS (with SSL) without a (SSL) certificate.
Is it meant that no OPC UA instance certificate is necessary?
From my point HTTP (SSL) without encryption is not possible and should not be allowed.

Typically SSL connections without certificates are not allowed.

In general I miss some clarification regarding the two types of certificates:

  • SSL certificate
  • OPC UA instance certificate
    In many cases the same is used for both, but in general there can be two different certificates used.
TagsNo tags attached.
Commit Version
Fix Due Date

Activities

Jim Luth

2016-09-13 15:52

administrator   ~0007177

"A Server shall allow Clients to connect without an HTTPS Certificate."

Change to:

"A Server shall allow Clients to connect without a Client HTTPS Certificate."

randyarmstrong

2016-12-04 20:29

administrator   ~0007402

Changed text to:

A Server shall allow Clients to connect without providing a Client Certificate during negotiation of the HTTPS connection.

Jim Luth

2016-12-06 17:59

administrator   ~0007455

Agreed to changes in telecon.

Issue History

Date Modified Username Field Change
2016-06-23 13:48 Thomas Merk New Issue
2016-09-13 15:52 Jim Luth Note Added: 0007177
2016-09-13 15:52 Jim Luth Assigned To => randyarmstrong
2016-09-13 15:52 Jim Luth Status new => assigned
2016-12-04 20:29 randyarmstrong Note Added: 0007402
2016-12-04 20:29 randyarmstrong Status assigned => resolved
2016-12-04 20:29 randyarmstrong Resolution open => fixed
2016-12-06 17:59 Jim Luth Note Added: 0007455
2016-12-06 17:59 Jim Luth Status resolved => closed
2016-12-06 17:59 Jim Luth Fixed in Version => 1.04