The OPC UA server for zenon logic and in the process gateway should no longer check the certificate with security mode none

The OPC UA server for zenon logic and in the process gateway should no longer check the certificate with security mode none

Summary

Since OPC UA specification 1.02 an OPC UA client is no longer required to send its application instance certificate when MessageMode Security "None" is used by the client. Also an OPC UA server is no longer required to send its certificate when a client requests MessageMode security "None"

Description

Since OPC UA specification 1.02 an OPC UA client is no longer required to send its application instance certificate when MessageMode Security "None" is used by the client. Also an OPC UA server is no longer required to send its certificate when a client requests MessageMode security "None"

Solution

The OPC UA server in the process gateway and the zenon logic OPC UA server have changed in a way that when a client uses MessageMode Security "None", the server no longer sends its own application instance certificate.   Also the OPC UA server in the process gateway and the zenon logic OPC UA server no longer check application instance certificates when message mode security is None, effectively granting access to any OPC UA client that connects.   The option "trust all client certificates" in the configuration of the process gateway for the OPC UA server therefore is void.    

Issue Number: 33280
Fixed on Date: 13.11.2016
Versions: 7.60 0 BUILD 36068