ApplicationConfiguration.SaveToFile() removes "RejectSHA1SignedCertificates" #184

[PrashantDesai]

OPCFoundation/UA-.NET-Legacy#184

Is this problem is resolved in following Nuget package?? It is not working for me
1.4.360.33

[AlinMoldovean]

Hi @PrashantDesai ,

ApplicationConfiguration.SaveToFile(string filePath) writes in the file only the members that have a value different from the default of the type.
This is because EmitDefaultValue = false for all the members of configuration classes.

        //
        // Summary:
        //     Gets or sets a value that specifies whether to serialize the default value for
        //     a field or property being serialized.
        //
        // Returns:
        //     true if the default value for a member should be generated in the serialization
        //     stream; otherwise, false. The default is true.
        public bool EmitDefaultValue { get; set; }

RejectSHA1SignedCertificates will be written in the file only if its value is "true".

Please note that SaveToFile() produces a slightly different output compared to the initial xml configuration file. e.g it also removes the comments.

[PrashantDesai]

OK Thank you I will check this and let you know From: Alin Moldovean <[email protected]> Sent: Monday, March 30, 2020 3:14 PM To: OPCFoundation/UA-.NETStandard <[email protected]> Cc: Prashant K. Desai <[email protected]>; Mention <[email protected]> Subject: Re: [OPCFoundation/UA-.NETStandard] ApplicationConfiguration.SaveToFile() removes "RejectSHA1SignedCertificates" #184 (#930) CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. Hi @PrashantDesai<https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2FPrashantDesai&data=02%7C01%7Cprashant.k.desai%40in.abb.com%7Cc2684bf19cf64278137808d7d48eea7f%7C372ee9e09ce04033a64ac07073a91ecd%7C0%7C1%7C637211582594764816&sdata=A7QTcB%2Bpej%2FNqEwYbEELza6o85xLmEPlJvqvNl9uxTw%3D&reserved=0> , ApplicationConfiguration.SaveToFile(string filePath) writes in the file only the members that have a value different from the default of the type. This is because EmitDefaultValue = false for all the members of configuration classes. // // Summary: // Gets or sets a value that specifies whether to serialize the default value for // a field or property being serialized. // // Returns: // true if the default value for a member should be generated in the serialization // stream; otherwise, false. The default is true. public bool EmitDefaultValue { get; set; } RejectSHA1SignedCertificates will be written in the file only if its value is "true". Please note that SaveToFile() produces a slightly different output compared to the initial xml configuration file. e.g it also removes the comments. — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub<https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2FOPCFoundation%2FUA-.NETStandard%2Fissues%2F930%23issuecomment-605896250&data=02%7C01%7Cprashant.k.desai%40in.abb.com%7Cc2684bf19cf64278137808d7d48eea7f%7C372ee9e09ce04033a64ac07073a91ecd%7C0%7C1%7C637211582594764816&sdata=LJZHjy3cfioZcUlMKAwvbjrkTsVB%2F6ylfpJyGFIyDSU%3D&reserved=0>, or unsubscribe<https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FABMWOHDN5PZSTPNPZIBYYI3RKBSXBANCNFSM4LT6VAJA&data=02%7C01%7Cprashant.k.desai%40in.abb.com%7Cc2684bf19cf64278137808d7d48eea7f%7C372ee9e09ce04033a64ac07073a91ecd%7C0%7C1%7C637211582594774772&sdata=688UcGSxU5jSodqHbOBi9onqkb0Yliy5sauToISLlnQ%3D&reserved=0>.

[PrashantDesai]

We are facing exactly present in this link:
https://opcfoundation.org/forum/opc-ua-implementation-stacks-tools-and-samples/applicationconfiguration-savetofile-removes-rejectsha1signedcertificates/#p1824

If we remove RejectSHA1SignedCertificates in XML the following code gives error as present the above link, then if we put back flag again as false it works fine,

            ApplicationConfiguration configuration = ApplicationConfiguration.Load(new System.IO.FileInfo(configurationFile),
                Opc.Ua.ApplicationType.Server, null).Result;

            CertificateValidator validator = new CertificateValidator();
            validator.Update(configuration);
            validator.Validate(certificate);

[PrashantDesai]

we are using 1.4.360.33 nu get package

[AlinMoldovean]

Hi @PrashantDesai ,

The problem is that you application instance certificate has a SHA1 signature that is not trusted anymore.
If you still want to use it you should do the following:

ApplicationConfiguration configuration = ApplicationConfiguration.Load(new System.IO.FileInfo(configurationFile),
                Opc.Ua.ApplicationType.Server, null).Result;

configuration.SecurityConfiguration.RejectSHA1SignedCertificates = false;

            CertificateValidator validator = new CertificateValidator();
            validator.Update(configuration);
            validator.Validate(certificate);

[PrashantDesai]

Hello Alin,

Thanks a lot. It is working.