Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Groups
  • Search
  • Get Qt Extensions
  • Unsolved
Collapse
Brand Logo
  1. Home
  2. Qt Development
  3. General and Desktop
  4. OPCUA x509 certificate creation with errors
Forum Updated to NodeBB v4.3 + New Features

OPCUA x509 certificate creation with errors

Scheduled Pinned Locked Moved Unsolved General and Desktop
1 Posts 1 Posters 170 Views
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • L Offline
    L Offline
    leonardoMB
    wrote on last edited by
    #1

    This is basically the example provided by Qt documentation about creation of OPCua Certificates. Everything goes well, but if I use the commented code below, even just a client ou server autenthication, I get the error:

    "qt.opcua.ssl: Failed to create X509 extension ("SSL Server", "SSL Client")"

       QOpcUaKeyPair key;
   key.generateRsaKey(QOpcUaKeyPair::RsaKeyStrength::Bits1024);
   QOpcUaX509CertificateSigningRequest csr;

   QOpcUaX509DistinguishedName dn;
 
   dn.setEntry(QOpcUaX509DistinguishedName::Type::CommonName, "QtOpcUaViewer");
   dn.setEntry(QOpcUaX509DistinguishedName::Type::CountryName, "DE");
   dn.setEntry(QOpcUaX509DistinguishedName::Type::LocalityName, "Berlin");    
   dn.setEntry(QOpcUaX509DistinguishedName::Type::StateOrProvinceName, "Berlin");
   dn.setEntry(QOpcUaX509DistinguishedName::Type::OrganizationName, "The Qt Company");
 
   csr.setSubject(dn);

   QOpcUaX509ExtensionSubjectAlternativeName *san = new QOpcUaX509ExtensionSubjectAlternativeName;
 
   san->addEntry(QOpcUaX509ExtensionSubjectAlternativeName::Type::DNS, "foo.com");
   san->addEntry(QOpcUaX509ExtensionSubjectAlternativeName::Type::DNS, "foo.com");
   san->addEntry(QOpcUaX509ExtensionSubjectAlternativeName::Type::URI, "urn:foo.com:The%20Qt%20Company:QtOpcUaViewer");
   san->setCritical(true);
   csr.addExtension(san);

   QOpcUaX509ExtensionBasicConstraints *bc = new QOpcUaX509ExtensionBasicConstraints;
 
   bc->setCa(false);
   bc->setCritical(true);
   csr.addExtension(bc);

   QOpcUaX509ExtensionKeyUsage *ku = new QOpcUaX509ExtensionKeyUsage;     
   
   ku->setCritical(true);
   ku->setKeyUsage(QOpcUaX509ExtensionKeyUsage::KeyUsage::DigitalSignature);     
   ku->setKeyUsage(QOpcUaX509ExtensionKeyUsage::KeyUsage::NonRepudiation);   
   ku->setKeyUsage(QOpcUaX509ExtensionKeyUsage::KeyUsage::KeyEncipherment);     
   ku->setKeyUsage(QOpcUaX509ExtensionKeyUsage::KeyUsage::DataEncipherment); 
   ku->setKeyUsage(QOpcUaX509ExtensionKeyUsage::KeyUsage::CertificateSigning);
   csr.addExtension(ku);

   QOpcUaX509ExtensionExtendedKeyUsage *eku = new QOpcUaX509ExtensionExtendedKeyUsage;     
   
   eku->setCritical(true); 
   //eku->setKeyUsage(QOpcUaX509ExtensionExtendedKeyUsage::KeyUsage::EmailProtection);
   //eku->setKeyUsage(QOpcUaX509ExtensionExtendedKeyUsage::KeyUsage::TlsWebClientAuthentication);    
// csr.addExtension(eku);
 Data = csr.createSelfSignedCertificate(key);
 QFile certificate(CERTIFICATE_PATH);
 certificate.open(QIODevice::WriteOnly);
 certificate.write(selfSignedCertificateData);
 certificate.close();
    1 Reply Last reply
    0

    • Login
    • Login or register to search.
    • First post
      Last post
    0
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    • Search
    • Get Qt Extensions
    • Unsolved