Description
We wanted to change SSL certificate thumbprint algorithm from SHA1 to SHA256. For this we made changes in createThumbprint method of CertificateUtils class. and tried to test it with UA CPP and Softing simuation servers.
For UACpp server, we got following exception:
Exception in thread "main" org.opcfoundation.ua.common.ServiceResultException: Bad_EncodingLimitsExceeded (0x80080000) "The message encoding/decoding limits imposed by the stack have been exceeded."
at org.opcfoundation.ua.transport.tcp.io.TcpConnection$ReadThread.run
For Softing, the exception is:
Exception in thread "main" org.opcfoundation.ua.common.ServiceResultException: Bad_SecurityChecksFailed (code=0x80130000, description="Could not verify security on OpenSecureChannel request.")
at org.opcfoundation.ua.transport.tcp.io.TcpConnection$ReadThread.run
Looks like we will need further changes to fix this.
@jouniaro was this tried before? We are not familiar with the java stack code to that extent, can you suggest what else we will need to change in order to fix this. This is reported as a security vulnerability in one of our security scans.