Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Groups
  • Search
  • Get Qt Extensions
  • Unsolved
Collapse
Brand Logo
  1. Home
  2. Qt Development
  3. General and Desktop
  4. OPCUA x509 certificate creation with errors

OPCUA x509 certificate creation with errors

Scheduled Pinned Locked Moved Unsolved General and Desktop
1 Posts 1 Posters 208 Views
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • L Offline
    L Offline
    leonardoMB
    wrote on last edited by
    #1

    This is basically the example provided by Qt documentation about creation of OPCua Certificates. Everything goes well, but if I use the commented code below, even just a client ou server autenthication, I get the error:

    "qt.opcua.ssl: Failed to create X509 extension ("SSL Server", "SSL Client")"

       QOpcUaKeyPair key;
   key.generateRsaKey(QOpcUaKeyPair::RsaKeyStrength::Bits1024);
   QOpcUaX509CertificateSigningRequest csr;

   QOpcUaX509DistinguishedName dn;
 
   dn.setEntry(QOpcUaX509DistinguishedName::Type::CommonName, "QtOpcUaViewer");
   dn.setEntry(QOpcUaX509DistinguishedName::Type::CountryName, "DE");
   dn.setEntry(QOpcUaX509DistinguishedName::Type::LocalityName, "Berlin");    
   dn.setEntry(QOpcUaX509DistinguishedName::Type::StateOrProvinceName, "Berlin");
   dn.setEntry(QOpcUaX509DistinguishedName::Type::OrganizationName, "The Qt Company");
 
   csr.setSubject(dn);

   QOpcUaX509ExtensionSubjectAlternativeName *san = new QOpcUaX509ExtensionSubjectAlternativeName;
 
   san->addEntry(QOpcUaX509ExtensionSubjectAlternativeName::Type::DNS, "foo.com");
   san->addEntry(QOpcUaX509ExtensionSubjectAlternativeName::Type::DNS, "foo.com");
   san->addEntry(QOpcUaX509ExtensionSubjectAlternativeName::Type::URI, "urn:foo.com:The%20Qt%20Company:QtOpcUaViewer");
   san->setCritical(true);
   csr.addExtension(san);

   QOpcUaX509ExtensionBasicConstraints *bc = new QOpcUaX509ExtensionBasicConstraints;
 
   bc->setCa(false);
   bc->setCritical(true);
   csr.addExtension(bc);

   QOpcUaX509ExtensionKeyUsage *ku = new QOpcUaX509ExtensionKeyUsage;     
   
   ku->setCritical(true);
   ku->setKeyUsage(QOpcUaX509ExtensionKeyUsage::KeyUsage::DigitalSignature);     
   ku->setKeyUsage(QOpcUaX509ExtensionKeyUsage::KeyUsage::NonRepudiation);   
   ku->setKeyUsage(QOpcUaX509ExtensionKeyUsage::KeyUsage::KeyEncipherment);     
   ku->setKeyUsage(QOpcUaX509ExtensionKeyUsage::KeyUsage::DataEncipherment); 
   ku->setKeyUsage(QOpcUaX509ExtensionKeyUsage::KeyUsage::CertificateSigning);
   csr.addExtension(ku);

   QOpcUaX509ExtensionExtendedKeyUsage *eku = new QOpcUaX509ExtensionExtendedKeyUsage;     
   
   eku->setCritical(true); 
   //eku->setKeyUsage(QOpcUaX509ExtensionExtendedKeyUsage::KeyUsage::EmailProtection);
   //eku->setKeyUsage(QOpcUaX509ExtensionExtendedKeyUsage::KeyUsage::TlsWebClientAuthentication);    
// csr.addExtension(eku);
 Data = csr.createSelfSignedCertificate(key);
 QFile certificate(CERTIFICATE_PATH);
 certificate.open(QIODevice::WriteOnly);
 certificate.write(selfSignedCertificateData);
 certificate.close();
    1 Reply Last reply
    0

    • Login
    • Login or register to search.
    • First post
      Last post
    0
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    • Search
    • Get Qt Extensions
    • Unsolved