How to recreate an OPC UA application instance certificate

From OPC Labs Knowledge Base
Jump to navigation Jump to search

If there is something wrong with the client application certificate created for the application, you may need to recreate it.

Using the UA Configuration Tool

This procedure assumes default setting for the instance store type and location. If your application uses different setting, you may have to modify the procedure accordingly.

  1. Download and install UA Configuration Tool.
  2. Run it.
  3. Switch to the "Manage Certificates" tab.
  4. Make sure that "Store Type" is set to Directory.
  5. In the "Store Path", drop-down the list, and select the path ending with "Machine Default". The, press the "View Certificates" button. This is the store for the instance certificates of the UA apps on this computer.
  6. Delete the certificates that belong to your application (right-click and choose "Delete"). If you know that it is safe, such as when there are no other OPC UA applications on the computer, you can even delete all certificates in this store.
  7. You may exit the UA Configuration Tool now.
  8. Restart your application, making sure it is done under elevated privileges (so that it has write access to the stores). This should re-create the app certificate and store it where it belongs to - if that was the cause of the problem.

How do I know the name of certificate that my application is using?
By default, the certificate name is derived from multiple pieces of information, including the name of you main application assembly - so you should recognize it in the name. In some cases, such as when the .NET application is hosted (e.g. under Web server) or when running from a COM tool, the application assembly may not be present, and there will be a different information instead, such as the name of the hosting process.