The OPC UA client driver creates an incorrect self-signed certificate
Summary
When a new connection is created in the OPCUA32 client driver a new self signed certificate is automatically created, but the certificate does not contain a SubjectAltname as required for OPC UA application instance certificates.
This may result in refusal of the connection by an OPC UA server when signed or encrypted communication is used or may also prevent the signing of this certificate by a global discovery server.
Description
When a new connection is created in the OPCUA32 client driver a new self signed certificate is automatically created, but the certificate does not contain a SubjectAltname as required for OPC UA application instance certificates.
This may result in refusal of the connection by an OPC UA server when signed or encrypted communication is used or may also prevent the signing of this certificate by a global discovery server.
Solution
An issue has been addressed in the OPCUA32 client driver where the automatically created OPC UA instance certificate did not comply with the OPC UA requirements for such a certificate.
Information
As a workaround, the automatically created application instance certificate may be replaced by a user-created application instance certifiate that does correctly contain the SubjectAltname field with a corresponding value.
Issue Number: 33235
Fixed on Date: 12.10.2016
Versions: 7.60 0 BUILD 36068