OPC Studio User's Guide and Reference
StartNewKeyPairRequest Method (IEasyUACertificateManagement)



OpcLabs.EasyOpcUA Assembly > OpcLabs.EasyOpc.UA.Gds Namespace > IEasyUACertificateManagement Interface : StartNewKeyPairRequest Method
Endpoint descriptor. Identifies the OPC-UA server. The server must be a Global Directory Server (GDS).

Because the OpcLabs.EasyOpc.UA.UAEndpointDescriptor has implicit conversions from System.String and System.Uri, in languages that support implicit conversion operators (such as C# or VB.NET), you can simply use a string (representing the endpoint URL, or a so-called OPC UA endpoint descriptor string), or a System.Uri object, in place of this parameter, and the corresponding endpoint descriptor will be constructed automatically. When the implicit conversion operators are not supported (such as with Python.NET), you can use the OpcLabs.EasyOpc.UA.UAEndpointDescriptor.FromString or OpcLabs.EasyOpc.UA.UAEndpointDescriptor.FromUri static method instead.

Also, because the OpcLabs.EasyOpc.UA.Discovery.UAApplicationElement and OpcLabs.EasyOpc.UA.Discovery.UADiscoveryElement have an implicit conversion to OpcLabs.EasyOpc.UA.UAEndpointDescriptor, in languages that support implicit conversion operators (such as C# or VB.NET), you can simply use a OpcLabs.EasyOpc.UA.Discovery.UAApplicationElement or OpcLabs.EasyOpc.UA.Discovery.UADiscoveryElement (results from OPC UA discovery) in place of this parameter, and the corresponding endpoint descriptor will be constructed automatically. When the implicit conversion operators are not supported (such as with Python.NET), you can convert a (non-null) OpcLabs.EasyOpc.UA.Discovery.UAApplicationElement or OpcLabs.EasyOpc.UA.Discovery.UADiscoveryElement to OpcLabs.EasyOpc.UA.UAEndpointDescriptor using the ToUAEndpointDescriptor or ToUAEndpointDescriptor method instead.

If you are using OPC Wizard (for server development), an implicit conversion from OpcLabs.EasyOpc.UA.EasyUAServerCore can be used in the same way to simply pass the server object in place of this parameter, which will use its OpcLabs.EasyOpc.UA.EasyUAServerCore.EffectiveServerDescriptor property for the connection.

The value of this parameter cannot be null (Nothing in Visual Basic).

The identifier assigned to the Application Instance by the CertificateManager.

Because the OpcLabs.EasyOpc.UA.AddressSpace.UANodeId has an implicit conversion from System.String, in languages that support implicit conversion operators (such as C# or VB.NET), you can simply use a string (representing the expanded text of the nodeId) in place of this parameter, and the corresponding OPC UA node Id will be constructed automatically. When the implicit conversion operators are not supported (such as with Python.NET), you can use the OpcLabs.EasyOpc.UA.AddressSpace.UANodeId.UANodeId Constructor(String) constructor instead.

The value of this parameter cannot be null (Nothing in Visual Basic).

The NodeId of the Certificate Group which provides the context for the new request.
If OpcLabs.EasyOpc.UA.AddressSpace.UANodeId.Null the CertificateManager shall choose the DefaultApplicationGroup.

Because the OpcLabs.EasyOpc.UA.AddressSpace.UANodeId has an implicit conversion from System.String, in languages that support implicit conversion operators (such as C# or VB.NET), you can simply use a string (representing the expanded text of the nodeId) in place of this parameter, and the corresponding OPC UA node Id will be constructed automatically. When the implicit conversion operators are not supported (such as with Python.NET), you can use the OpcLabs.EasyOpc.UA.AddressSpace.UANodeId.UANodeId Constructor(String) constructor instead.

The value of this parameter cannot be null (Nothing in Visual Basic).

The NodeId of the CertificateType for the new Certificate.
If OpcLabs.EasyOpc.UA.AddressSpace.UANodeId.Null the CertificateManager shall generate a Certificate based on the value of the certificateGroupId argument.

Because the OpcLabs.EasyOpc.UA.AddressSpace.UANodeId has an implicit conversion from System.String, in languages that support implicit conversion operators (such as C# or VB.NET), you can simply use a string (representing the expanded text of the nodeId) in place of this parameter, and the corresponding OPC UA node Id will be constructed automatically. When the implicit conversion operators are not supported (such as with Python.NET), you can use the OpcLabs.EasyOpc.UA.AddressSpace.UANodeId.UANodeId Constructor(String) constructor instead.

The value of this parameter cannot be null (Nothing in Visual Basic).

The subject name to use for the Certificate.
If not specified the ApplicationName and/or domainNames are used to create a suitable default value.
The format of the subject name is a sequence of name value pairs separated by a ‘/’. The name shall be one of ‘CN’, ‘O’, ‘OU’, ‘DC’, ‘L’, ‘S’ or ‘C’ and shall be followed by a ‘=’ and then followed by the value. The value may be any printable character except for ‘”’. If the value contains a ‘/’ or a ‘=’ then it shall be enclosed in double quotes (‘”’).

The value of this parameter cannot be null (Nothing in Visual Basic).

The domain names to include in the Certificate.
If not specified the DiscoveryUrls are used to create suitable defaults.

The value of this parameter cannot be null (Nothing in Visual Basic).

The format of the private key.
The following values are always supported:
PFX - PKCS #12 encoded
PEM - Base64 encoded DER(see RFC 5958).

The value of this parameter cannot be null (Nothing in Visual Basic).

The password to use for the private key.

The value of this parameter cannot be null (Nothing in Visual Basic).

Starts a request for a new certificate and private key. The certificate and private key are returned in the FinishRequest response.
Syntax
'Declaration
 
<NotNullAttribute()>
Function StartNewKeyPairRequest( _
   ByVal gdsEndpointDescriptor As UAEndpointDescriptor, _
   ByVal applicationId As UANodeId, _
   ByVal certificateGroupId As UANodeId, _
   ByVal certificateTypeId As UANodeId, _
   ByVal subjectName As String, _
   ByVal domainNames As IEnumerable(Of String), _
   ByVal privateKeyFormat As String, _
   ByVal privateKeyPassword As String _
) As UANodeId
'Usage
 
Dim instance As IEasyUACertificateManagement
Dim gdsEndpointDescriptor As UAEndpointDescriptor
Dim applicationId As UANodeId
Dim certificateGroupId As UANodeId
Dim certificateTypeId As UANodeId
Dim subjectName As String
Dim domainNames As IEnumerable(Of String)
Dim privateKeyFormat As String
Dim privateKeyPassword As String
Dim value As UANodeId
 
value = instance.StartNewKeyPairRequest(gdsEndpointDescriptor, applicationId, certificateGroupId, certificateTypeId, subjectName, domainNames, privateKeyFormat, privateKeyPassword)

Parameters

gdsEndpointDescriptor
Endpoint descriptor. Identifies the OPC-UA server. The server must be a Global Directory Server (GDS).

Because the OpcLabs.EasyOpc.UA.UAEndpointDescriptor has implicit conversions from System.String and System.Uri, in languages that support implicit conversion operators (such as C# or VB.NET), you can simply use a string (representing the endpoint URL, or a so-called OPC UA endpoint descriptor string), or a System.Uri object, in place of this parameter, and the corresponding endpoint descriptor will be constructed automatically. When the implicit conversion operators are not supported (such as with Python.NET), you can use the OpcLabs.EasyOpc.UA.UAEndpointDescriptor.FromString or OpcLabs.EasyOpc.UA.UAEndpointDescriptor.FromUri static method instead.

Also, because the OpcLabs.EasyOpc.UA.Discovery.UAApplicationElement and OpcLabs.EasyOpc.UA.Discovery.UADiscoveryElement have an implicit conversion to OpcLabs.EasyOpc.UA.UAEndpointDescriptor, in languages that support implicit conversion operators (such as C# or VB.NET), you can simply use a OpcLabs.EasyOpc.UA.Discovery.UAApplicationElement or OpcLabs.EasyOpc.UA.Discovery.UADiscoveryElement (results from OPC UA discovery) in place of this parameter, and the corresponding endpoint descriptor will be constructed automatically. When the implicit conversion operators are not supported (such as with Python.NET), you can convert a (non-null) OpcLabs.EasyOpc.UA.Discovery.UAApplicationElement or OpcLabs.EasyOpc.UA.Discovery.UADiscoveryElement to OpcLabs.EasyOpc.UA.UAEndpointDescriptor using the ToUAEndpointDescriptor or ToUAEndpointDescriptor method instead.

If you are using OPC Wizard (for server development), an implicit conversion from OpcLabs.EasyOpc.UA.EasyUAServerCore can be used in the same way to simply pass the server object in place of this parameter, which will use its OpcLabs.EasyOpc.UA.EasyUAServerCore.EffectiveServerDescriptor property for the connection.

The value of this parameter cannot be null (Nothing in Visual Basic).

applicationId
The identifier assigned to the Application Instance by the CertificateManager.

Because the OpcLabs.EasyOpc.UA.AddressSpace.UANodeId has an implicit conversion from System.String, in languages that support implicit conversion operators (such as C# or VB.NET), you can simply use a string (representing the expanded text of the nodeId) in place of this parameter, and the corresponding OPC UA node Id will be constructed automatically. When the implicit conversion operators are not supported (such as with Python.NET), you can use the OpcLabs.EasyOpc.UA.AddressSpace.UANodeId.UANodeId Constructor(String) constructor instead.

The value of this parameter cannot be null (Nothing in Visual Basic).

certificateGroupId
The NodeId of the Certificate Group which provides the context for the new request.
If OpcLabs.EasyOpc.UA.AddressSpace.UANodeId.Null the CertificateManager shall choose the DefaultApplicationGroup.

Because the OpcLabs.EasyOpc.UA.AddressSpace.UANodeId has an implicit conversion from System.String, in languages that support implicit conversion operators (such as C# or VB.NET), you can simply use a string (representing the expanded text of the nodeId) in place of this parameter, and the corresponding OPC UA node Id will be constructed automatically. When the implicit conversion operators are not supported (such as with Python.NET), you can use the OpcLabs.EasyOpc.UA.AddressSpace.UANodeId.UANodeId Constructor(String) constructor instead.

The value of this parameter cannot be null (Nothing in Visual Basic).

certificateTypeId
The NodeId of the CertificateType for the new Certificate.
If OpcLabs.EasyOpc.UA.AddressSpace.UANodeId.Null the CertificateManager shall generate a Certificate based on the value of the certificateGroupId argument.

Because the OpcLabs.EasyOpc.UA.AddressSpace.UANodeId has an implicit conversion from System.String, in languages that support implicit conversion operators (such as C# or VB.NET), you can simply use a string (representing the expanded text of the nodeId) in place of this parameter, and the corresponding OPC UA node Id will be constructed automatically. When the implicit conversion operators are not supported (such as with Python.NET), you can use the OpcLabs.EasyOpc.UA.AddressSpace.UANodeId.UANodeId Constructor(String) constructor instead.

The value of this parameter cannot be null (Nothing in Visual Basic).

subjectName
The subject name to use for the Certificate.
If not specified the ApplicationName and/or domainNames are used to create a suitable default value.
The format of the subject name is a sequence of name value pairs separated by a ‘/’. The name shall be one of ‘CN’, ‘O’, ‘OU’, ‘DC’, ‘L’, ‘S’ or ‘C’ and shall be followed by a ‘=’ and then followed by the value. The value may be any printable character except for ‘”’. If the value contains a ‘/’ or a ‘=’ then it shall be enclosed in double quotes (‘”’).

The value of this parameter cannot be null (Nothing in Visual Basic).

domainNames
The domain names to include in the Certificate.
If not specified the DiscoveryUrls are used to create suitable defaults.

The value of this parameter cannot be null (Nothing in Visual Basic).

privateKeyFormat
The format of the private key.
The following values are always supported:
PFX - PKCS #12 encoded
PEM - Base64 encoded DER(see RFC 5958).

The value of this parameter cannot be null (Nothing in Visual Basic).

privateKeyPassword
The password to use for the private key.

The value of this parameter cannot be null (Nothing in Visual Basic).

Return Value

Returns the Node ID that represents the request.
This value is passed to FinishRequest.

Because there is an implicit conversion from OpcLabs.EasyOpc.UA.AddressSpace.UANodeId to OpcLabs.EasyOpc.UA.UANodeDescriptor, in languages that support implicit conversion operators (such as C# or VB.NET), you can simply use the returned OpcLabs.EasyOpc.UA.AddressSpace.UANodeId in any place where the OpcLabs.EasyOpc.UA.UANodeDescriptor is expected as input, and the corresponding node descriptor will be constructed automatically.

Also, because the OpcLabs.EasyOpc.UA.AddressSpace.UANodeId has an implicit conversion to System.String, and it converts to the expanded text of the node Id (OpcLabs.EasyOpc.UA.AddressSpace.UANodeId.ExpandedText), in languages that support implicit conversion operators (such as C# or VB.NET), you can simply use the returned OpcLabs.EasyOpc.UA.AddressSpace.UANodeId in any place where expanded text of a node Id (a string) is expected as input, and the corresponding expanded text will be taken automatically from the node Id.

This method never returns null (Nothing in Visual Basic).

Exceptions
ExceptionDescription

A null reference (Nothing in Visual Basic) is passed to a method that does not accept it as a valid argument.

This is a usage error, i.e. it will never occur (the exception will not be thrown) in a correctly written program. Your code should not catch this exception.

The OPC UA operation has failed. This operation exception in uniformly used to allow common handling of various kinds of errors. The System.Exception.InnerException always contains information about the actual error cause.

This is an operation error that depends on factors external to your program, and thus cannot be always avoided. Your code must handle it appropriately.

Remarks

If you want to obtain new certificate for the current client application, it is recommended that you use the higher-level OpcLabs.EasyOpc.UA.Application.IEasyUAClientServerApplication.BeginObtainNewCertificate method instead.

Requirements

Target Platforms: .NET Framework: Windows 10 (selected versions), Windows 11 (selected versions), Windows Server 2016, Windows Server 2022; .NET: Linux, macOS, Microsoft Windows

See Also