@vitormnm/node-red-simple-opcua 1.6.3 → 1.7.0

package/server/lib/opcua-server-runtime-child.js

@@ -257,18 +257,33 @@ class OpcUaServerProcess {
 
 
 
-            process.send({
-                type: "send",
-                data: msg,
-                nodeId: nodeId
-            });
+            let hasFailures = false;
+            if (readArrayResults) {
+                const failed = readArrayResults.filter(item => item && item.status !== "Good");
+                if (failed.length) {
+                    hasFailures = true;
+                }
+            }
+            if (result.directError) {
+                hasFailures = true;
+            }
+
+            if (!hasFailures) {
+                process.send({
+                    type: "send",
+                    data: msg,
+                    nodeId: nodeId
+                });
+            }
 
             process.send({
                 type: "status",
                 data: {
-                    fill: "green",
+                    fill: hasFailures ? (result.directError ? "red" : "yellow") : "green",
                     shape: "dot",
-                    text: result.identifiers.length > 1 ? "read " + result.identifiers.length + " tags" : "read " + result.identifiers[0]
+                    text: hasFailures
+                        ? (result.directError ? "read failed" : "partial read failed")
+                        : (result.identifiers.length > 1 ? "read " + result.identifiers.length + " tags" : "read " + result.identifiers[0])
                 },
                 nodeId: nodeId
             });
@@ -308,6 +323,7 @@ class OpcUaServerProcess {
                 type: "error",
                 data: { fill: "red", shape: "ring", text: "failed read" },
                 error: error.message,
+                originalMsg: msg,
                 nodeId: nodeId
             });
         }
@@ -362,6 +378,7 @@ class OpcUaServerProcess {
                 type: "error",
                 data: { fill: "red", shape: "ring", text: "failed write" },
                 error: error.message,
+                originalMsg: msg,
                 nodeId: nodeId
             });
         }
@@ -524,21 +541,33 @@ class OpcUaServerProcess {
                 msg.topic = writtenPaths[0];
             }
 
-            process.send({
-                type: "send",
-                data: msg,
-                nodeId
-            });
+            let hasFailures = false;
+            if (Array.isArray(msg.payload) && msg.payload.length && msg.payload[0] && typeof msg.payload[0].status === "string") {
+                const failed = msg.payload.filter(item => item.status !== "Good");
+                if (failed.length) {
+                    hasFailures = true;
+                }
+            }
+            if (directError) {
+                hasFailures = true;
+            }
+
+            if (!hasFailures) {
+                process.send({
+                    type: "send",
+                    data: msg,
+                    nodeId
+                });
+            }
 
             process.send({
                 type: "status",
                 data: {
-                    fill: "green",
+                    fill: hasFailures ? (directError ? "red" : "yellow") : "green",
                     shape: "dot",
-                    text:
-                        writtenPaths.length > 1
-                            ? `write ${writtenPaths.length} tags`
-                            : `write ${writtenPaths[0]}`
+                    text: hasFailures
+                        ? (directError ? "write failed" : "partial write failed")
+                        : (writtenPaths.length > 1 ? `write ${writtenPaths.length} tags` : `write ${writtenPaths[0]}`)
                 },
                 nodeId
             });
@@ -582,6 +611,7 @@ class OpcUaServerProcess {
                     text: "failed write"
                 },
                 error: error.message,
+                originalMsg: msg,
                 nodeId
             });
         }
@@ -880,6 +910,222 @@ class OpcUaServerProcess {
         }
     }
 
+    async readActiveSessions(msg, nodeId) {
+        try {
+            await this.ensureReady();
+            const server = this.node && this.node.server;
+            if (!server || !server.engine) {
+                throw new Error("OPC UA server is not available");
+            }
+
+            const rawSessions = server.engine._sessions || {};
+            const sessions = Object.values(rawSessions).map((session) => buildSessionSnapshot(session));
+
+            if (msg) {
+                const outMsg = Object.assign({}, msg);
+                outMsg.payload = sessions;
+
+                process.send({
+                    type: "send",
+                    data: outMsg,
+                    nodeId: nodeId
+                });
+            }
+
+            process.send({
+                type: "status",
+                data: {
+                    fill: "green",
+                    shape: "dot",
+                    text: sessions.length === 1
+                        ? "1 session"
+                        : sessions.length + " sessions"
+                },
+                nodeId: nodeId
+            });
+        } catch (error) {
+            if (msg) {
+                process.send({
+                    type: "error",
+                    data: { fill: "red", shape: "ring", text: "failed getSessions" },
+                    error: error.message,
+                    originalMsg: msg,
+                    nodeId: nodeId
+                });
+            } else {
+                process.send({
+                    type: "status",
+                    data: { fill: "red", shape: "ring", text: "failed getSessions: " + error.message },
+                    nodeId: nodeId
+                });
+            }
+        }
+    }
+
+    async deleteActiveSessions(msg, nodeId) {
+        try {
+            await this.ensureReady();
+            const server = this.node && this.node.server;
+            if (!server || !server.engine) {
+                throw new Error("OPC UA server is not available");
+            }
+
+            const payload = msg && Array.isArray(msg.payload) ? msg.payload : [];
+            if (!payload.length) {
+                throw new Error("msg.payload must be a non-empty array of { sessionId } objects");
+            }
+
+            const engine = server.engine;
+            const rawSessions = engine._sessions || {};
+
+            const results = payload.map((item) => {
+                const requestedId = String(item && item.sessionId || "").trim();
+                if (!requestedId) {
+                    return { sessionId: requestedId, status: "error", error: "sessionId is required" };
+                }
+
+                // Sessions are keyed by authenticationToken; find by matching nodeId (the GUID sessionId)
+                const found = Object.values(rawSessions).find(
+                    (s) => safeToString(s.nodeId) === requestedId
+                );
+
+                if (!found) {
+                    return { sessionId: requestedId, status: "not_found" };
+                }
+
+                try {
+                    engine.closeSession(found.authenticationToken, true, "Forcing");
+                    return { sessionId: requestedId, status: "deleted" };
+                } catch (closeError) {
+                    return { sessionId: requestedId, status: "error", error: closeError.message };
+                }
+            });
+
+            const deletedCount = results.filter((r) => r.status === "deleted").length;
+            const notFoundCount = results.filter((r) => r.status === "not_found").length;
+            const errorCount = results.filter((r) => r.status === "error").length;
+
+            if (msg) {
+                const outMsg = Object.assign({}, msg);
+                outMsg.payload = results;
+
+                process.send({
+                    type: "send",
+                    data: outMsg,
+                    nodeId: nodeId
+                });
+            }
+
+            const statusParts = [];
+            if (deletedCount) statusParts.push("deleted " + deletedCount);
+            if (notFoundCount) statusParts.push("not found " + notFoundCount);
+            if (errorCount) statusParts.push("error " + errorCount);
+
+            process.send({
+                type: "status",
+                data: {
+                    fill: errorCount ? "red" : (notFoundCount ? "yellow" : "green"),
+                    shape: "dot",
+                    text: statusParts.join(", ") || "no sessions"
+                },
+                nodeId: nodeId
+            });
+        } catch (error) {
+            if (msg) {
+                process.send({
+                    type: "error",
+                    data: { fill: "red", shape: "ring", text: "failed deleteSessions" },
+                    error: error.message,
+                    originalMsg: msg,
+                    nodeId: nodeId
+                });
+            } else {
+                process.send({
+                    type: "status",
+                    data: { fill: "red", shape: "ring", text: "failed deleteSessions: " + error.message },
+                    nodeId: nodeId
+                });
+            }
+        }
+    }
+
+}
+
+/**
+ * Serializes a node-opcua ServerSession into a plain, IPC-safe object.
+ */
+function buildSessionSnapshot(session) {
+    return {
+        sessionId: safeToString(session.nodeId),
+        sessionName: String(session.sessionName || ""),
+        status: String(session.__status || ""),
+        creationDate: session.creationDate instanceof Date ? session.creationDate.toISOString() : null,
+        sessionTimeout: safeNumber(session.sessionTimeout),
+        clientLastContactTime: safeNumber(session.clientLastContactTime),
+        channelId: session.channelId != null ? session.channelId : null,
+        clientDescription: buildClientDescription(session.clientDescription),
+        userIdentityToken: buildUserIdentityToken(session.userIdentityToken),
+        channel: buildChannelInfo(session.channel),
+        currentSubscriptionCount: safeNumber(session.currentSubscriptionCount),
+        cumulatedSubscriptionCount: safeNumber(session.cumulatedSubscriptionCount),
+        currentMonitoredItemCount: safeNumber(session.currentMonitoredItemCount),
+        aborted: Boolean(session.aborted)
+    };
+}
+
+function safeToString(value) {
+    try {
+        return value != null ? String(value) : null;
+    } catch (_) {
+        return null;
+    }
+}
+
+function safeNumber(value) {
+    const n = Number(value);
+    return Number.isFinite(n) ? n : null;
+}
+
+function buildClientDescription(desc) {
+    if (!desc || typeof desc !== "object") {
+        return null;
+    }
+    return {
+        applicationUri: safeToString(desc.applicationUri),
+        productUri: safeToString(desc.productUri),
+        applicationName: desc.applicationName && desc.applicationName.text
+            ? String(desc.applicationName.text)
+            : safeToString(desc.applicationName),
+        applicationType: safeToString(desc.applicationType)
+    };
+}
+
+function buildUserIdentityToken(token) {
+    if (!token || typeof token !== "object") {
+        return null;
+    }
+    return {
+        policyId: safeToString(token.policyId),
+        userName: safeToString(token.userName),
+        // Never expose passwords or raw credential bytes
+        tokenType: safeToString(token.schema && token.schema.name)
+    };
+}
+
+function buildChannelInfo(channel) {
+    if (!channel || typeof channel !== "object") {
+        return null;
+    }
+    return {
+        channelId: channel.channelId != null ? channel.channelId : null,
+        remoteAddress: safeToString(channel.remoteAddress),
+        remotePort: safeNumber(channel.remotePort),
+        bytesRead: safeNumber(channel.bytesRead),
+        bytesWritten: safeNumber(channel.bytesWritten),
+        transactionsCount: safeNumber(channel.transactionsCount),
+        securityMode: safeToString(channel.securityMode),
+        securityPolicy: safeToString(channel.securityPolicy)
+    };
 }
 
 /**
@@ -932,14 +1178,33 @@ process.on("message", async (msg) => {
                 break;
 
             case "buildServerSnapshot":
-                OpcUaServerStatusNode(serverProcess.node, msg.msg, msg.nodeId)
-                break
+                try {
+                    await serverProcess.ensureReady();
+                    OpcUaServerStatusNode(serverProcess.node, msg.msg, msg.nodeId);
+                } catch (error) {
+                    process.send({
+                        type: "status",
+                        data: {
+                            fill: msg.msg ? "red" : "yellow",
+                            shape: "ring",
+                            text: msg.msg ? "Status: " + error.message : "waiting for server"
+                        },
+                        nodeId: msg.nodeId
+                    });
+                }
+                break;
             case "eventsServer":
                 eventsServer(serverProcess.node, msg.node, msg.nodeId)
                 break;
             case "readActiveAlarms":
                 serverProcess.readActiveAlarms(msg.msg, msg.nodeId)
                 break;
+            case "readActiveSessions":
+                await serverProcess.readActiveSessions(msg.msg, msg.nodeId);
+                break;
+            case "deleteActiveSessions":
+                await serverProcess.deleteActiveSessions(msg.msg, msg.nodeId);
+                break;
 
 
 

package/server/lib/opcua-server-runtime.js

@@ -2,13 +2,17 @@
 
 
 
+const path = require("path");
 const {
     OPCUAServer,
     UserTokenType,
     buildApplicationUri,
     makeRoles,
     WellKnownRoles,
-    resolveNodeId
+    resolveNodeId,
+    OPCUACertificateManager,
+    SecurityPolicy,
+    MessageSecurityMode
 } = require("./opcua-constants");
 const { OpcUaAddressSpaceBuilder } = require("./opcua-address-space-builder");
 const { OpcUaServerMethods } = require("./opcua-server-methods");
@@ -29,13 +33,22 @@ class OpcUaServerRuntime {
         this.serverName = options.settings.serverName;
         this.port = options.settings.port;
         this.maxConnections = options.settings.maxConnections;
+        this.minSessionTimeout = options.settings.minSessionTimeout;
+        this.defaultSessionTimeout = options.settings.defaultSessionTimeout;
+        this.maxSessionTimeout = options.settings.maxSessionTimeout;
         this.namespaceUri = options.settings.namespaceUri;
         this.resourcePath = options.settings.resourcePath;
         this.allowAnonymous = options.settings.allowAnonymous;
+        this.automaticallyAcceptUnknownCertificate = options.settings.automaticallyAcceptUnknownCertificate;
+        this.certificatesFolder = options.settings.certificatesFolder;
         this.groups = options.settings.groups;
         this.users = options.settings.users;
-        this.securityPolicy = options.settings.securityPolicy;
-        this.securityMode = options.settings.securityMode;
+        this.securityPolicies = Array.isArray(options.settings.securityPolicies) && options.settings.securityPolicies.length > 0
+            ? options.settings.securityPolicies
+            : [SecurityPolicy.None];
+        this.securityModes = Array.isArray(options.settings.securityModes) && options.settings.securityModes.length > 0
+            ? options.settings.securityModes
+            : [MessageSecurityMode.None];
         this.treeConfig = options.settings.treeConfig;
 
         this.server = null;
@@ -52,6 +65,28 @@ class OpcUaServerRuntime {
             return;
         }
 
+        const certificateFolder = this.certificatesFolder || path.resolve(__dirname, "..", "..", "certificates");
+        this.serverCertificateManager = new OPCUACertificateManager({
+            rootFolder: certificateFolder,
+            automaticallyAcceptUnknownCertificate: this.automaticallyAcceptUnknownCertificate
+        });
+        await this.serverCertificateManager.initialize();
+
+        // Ensure directories exist immediately on startup
+        const fs = require("fs");
+        try {
+            const trustedDir = path.join(certificateFolder, "trusted", "certs");
+            const rejectedDir = path.join(certificateFolder, "rejected");
+            if (!fs.existsSync(trustedDir)) {
+                fs.mkdirSync(trustedDir, { recursive: true });
+            }
+            if (!fs.existsSync(rejectedDir)) {
+                fs.mkdirSync(rejectedDir, { recursive: true });
+            }
+        } catch (e) {
+            // Ignore directory creation errors
+        }
+
         this.server = new OPCUAServer(this.buildServerOptions());
         await this.server.initialize();
 
@@ -74,6 +109,7 @@ class OpcUaServerRuntime {
 
         this.addressSpaceBuilder.rebuild(this.treeConfig);
         await this.server.start();
+
         this.registry.registerServer(this);
 
         //Methods
@@ -200,9 +236,17 @@ class OpcUaServerRuntime {
             });
         }
 
+        const certificatesFolder = this.certificatesFolder || path.resolve(__dirname, "..", "..", "certificates");
+
         return {
             port: this.port,
+            minSessionTimeout: this.minSessionTimeout !== undefined ? this.minSessionTimeout : 100,
+            defaultSessionTimeout: this.defaultSessionTimeout !== undefined ? this.defaultSessionTimeout : 30000,
+            maxSessionTimeout: this.maxSessionTimeout !== undefined ? this.maxSessionTimeout : 3000000,
             resourcePath: this.resourcePath,
+            serverCertificateManager: this.serverCertificateManager,
+            certificateFile: path.join(certificatesFolder, "own", "certs", "server_selfsigned_cert_2048.pem"),
+            privateKeyFile: path.join(certificatesFolder, "own", "private", "private_key.pem"),
             buildInfo: {
                 productName: "opc-ua-server",
                 buildNumber: "1",
@@ -216,8 +260,8 @@ class OpcUaServerRuntime {
                 applicationUri: buildApplicationUri(this.serverName),
                 productUri: "urn:node-red:opc-ua-server"
             },
-            securityPolicies: [this.securityPolicy],
-            securityModes: [this.securityMode],
+            securityPolicies: this.securityPolicies,
+            securityModes: this.securityModes,
             allowAnonymous: this.allowAnonymous,
             userManager: {
                 isValidUser: (username, password) => this.isValidUser(username, password),

package/server/lib/opcua-server-status-child.js

@@ -10,13 +10,6 @@ function OpcUaServerStatusNode(node, msg, nodeId) {
         const serverNode = resolveRegisteredServer(node, msg, registry);
         const snapshot = buildServerSnapshot(serverNode);
 
-        msg.payload = snapshot;
-        msg.opcua = msg.opcua || {};
-        msg.opcua.server = snapshot.identity.serverRef;
-        msg.opcua.endpointUrl = snapshot.endpointUrl;
-
-
-
         process.send({
             type: "status",
             data: {
@@ -27,11 +20,18 @@ function OpcUaServerStatusNode(node, msg, nodeId) {
             nodeId: nodeId
         });
 
-        process.send({
-            type: "send",
-            data: msg,
-            nodeId: nodeId
-        });
+        if (msg) {
+            msg.payload = snapshot;
+            msg.opcua = msg.opcua || {};
+            msg.opcua.server = snapshot.identity.serverRef;
+            msg.opcua.endpointUrl = snapshot.endpointUrl;
+
+            process.send({
+                type: "send",
+                data: msg,
+                nodeId: nodeId
+            });
+        }
 
 
     } catch (error) {
@@ -41,9 +41,9 @@ function OpcUaServerStatusNode(node, msg, nodeId) {
          process.send({
             type: "status",
             data: {
-                fill: "red",
+                fill: msg ? "red" : "yellow",
                 shape: "ring",
-                text: "Status: " + error
+                text: msg ? "Status: " + error.message : "waiting for server"
             },
             nodeId: nodeId
         });

package/server/nodered/simple_opcua/server/certificates/own/certs/server_selfsigned_cert_2048.pem

@@ -0,0 +1,25 @@
+-----BEGIN CERTIFICATE-----
+MIIENTCCAx2gAwIBAgIHAXgZZJFWWTANBgkqhkiG9w0BAQsFADBKMQswCQYDVQQG
+EwJGUjEQMA4GA1UEBxMHT3JsZWFuczERMA8GA1UEChMIU3RlcmZpdmUxFjAUBgNV
+BAMMDW15U2VydmVyMUB0dWYwHhcNMjYwNjIwMTQxNTE1WhcNMzYwNjE3MTQxNTE1
+WjBKMQswCQYDVQQGEwJGUjEQMA4GA1UEBxMHT3JsZWFuczERMA8GA1UEChMIU3Rl
+cmZpdmUxFjAUBgNVBAMMDW15U2VydmVyMUB0dWYwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQC7IYbSbk1mosq3NdM494XdHfuLulEf07RmRRcXhv53/iPC
+HTzTpyyaT9P2KItUEMf1+1m26O53gl8BlwbS+oCuDt34ORO0dWDoftgBXjP0uUWz
+seaZ7AVwXL1yorYAK11VLHU4cxfzVLKK5WbiB+qEiQSUG+EKHlEtmyIEbrsOGh8s
+ZZCE4rFjavzSaCGN7bwqNMtGyFPS5FGZ8HvvtLqhzyz0ew0TaZKpnaFQGxtvGI68
+6yICgutmSXqyII8OHCXQ751gLzbhvADVUf/CvhX60ZCDMcGBQcFeLPkZF4CfQ2OP
+2OZkm/2ulS+NZXWqDFX6pvN/Zsy57q4RKR+x+nDFAgMBAAGjggEeMIIBGjBVBglg
+hkgBhvhCAQ0ESAxGU2VsZi1zaWduZWQgY2VydGlmaWNhdGUgZ2VuZXJhdGVkIGJ5
+IE5vZGUtT1BDVUEgQ2VydGlmaWNhdGUgdXRpbGl0eSBWMjAMBgNVHRMBAf8EAjAA
+MCAGA1UdJQEB/wQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAOBgNVHQ8BAf8EBAMC
+AvQwHQYDVR0OBBYEFF3kmynfd5siPu9cso8NLIdURx8+MB8GA1UdIwQYMBaAFF3k
+mynfd5siPu9cso8NLIdURx8+MEEGA1UdEQQ6MDiCA1RVRoIDdHVmhwTAqGQBhwTA
+qA9khwTAqBEBhhp1cm46dHVmOm5vZGUtcmVkOm15c2VydmVyMTANBgkqhkiG9w0B
+AQsFAAOCAQEAkDutnUHoeK6CQmYlTV2pJPW+1qcJ9QDCrDEJjoMReWY97CQqrPxm
+9/nTQtPiHedsiF7LbOqsPpiK/chEACSaQO+OYzGtMydKehlC89KUG26TH+OgtVjM
+zVi3sfSpo33jJ1T1Z8YKw9rnOfjkWzfMa6RW4+4p1DNR4RJcvKsNRTkh/C8RDFr0
+ZPave1jxaYpxPQGHKD1lqQD6uIGaYwAogkQDn41Bl1/PwC79gOgs0WmKDZuQ3BpR
+wGSa6Bcqzj3zzBQapSs5fFjuUyowaFsGI48N3mJJx4LlYB17yuOD5R6a6nzVJyaL
+QsKqGvKkNFP0c3F1H+pkUGFGgR9PkkA5Xg==
+-----END CERTIFICATE-----

package/server/nodered/simple_opcua/server/certificates/own/openssl.cnf

@@ -0,0 +1,72 @@
+##################################################################################################
+## SIMPLE OPENSSL CONFIG FILE FOR SELF-SIGNED CERTIFICATE GENERATION
+################################################################################################################
+
+distinguished_name       = req_distinguished_name
+default_md               = sha1
+
+default_md                = sha256                      # The default digest algorithm
+
+[ v3_ca ]
+subjectKeyIdentifier        = hash
+authorityKeyIdentifier      = keyid:always,issuer:always
+
+# authorityKeyIdentifier    = keyid
+basicConstraints            = CA:TRUE
+keyUsage                    = critical, cRLSign, keyCertSign
+nsComment                   = "Self-signed Certificate for CA generated by Node-OPCUA Certificate utility"
+#nsCertType                 = sslCA, emailCA
+#subjectAltName             = email:copy
+#issuerAltName              = issuer:copy
+#obj                        = DER:02:03
+# crlDistributionPoints       = @crl_info
+# [ crl_info ]
+# URI.0                     = http://localhost:8900/crl.pem
+subjectAltName              = $ENV::ALTNAME
+
+[ req ]
+days                      = 390
+req_extensions            = v3_req
+x509_extensions           = v3_ca
+
+[v3_req]
+basicConstraints       = CA:false
+keyUsage               = critical, nonRepudiation, digitalSignature, keyEncipherment, dataEncipherment
+subjectAltName         = $ENV::ALTNAME
+
+[ v3_ca_signed]
+subjectKeyIdentifier      = hash
+authorityKeyIdentifier    = keyid,issuer
+basicConstraints          = critical, CA:FALSE
+keyUsage                  = nonRepudiation, digitalSignature, keyEncipherment, dataEncipherment
+extendedKeyUsage          = clientAuth,serverAuth 
+nsComment                 = "certificate generated by Node-OPCUA Certificate utility and signed by a CA"
+subjectAltName            = $ENV::ALTNAME
+[ v3_selfsigned]
+subjectKeyIdentifier      = hash
+authorityKeyIdentifier    = keyid,issuer
+basicConstraints          = critical, CA:FALSE
+keyUsage                  = nonRepudiation, digitalSignature, keyEncipherment, dataEncipherment
+extendedKeyUsage          = clientAuth,serverAuth 
+nsComment                 = "Self-signed certificate generated by Node-OPCUA Certificate utility"
+subjectAltName            = $ENV::ALTNAME
+[ req_distinguished_name ]
+countryName             = Country Name (2 letter code)
+countryName_default     = FR
+countryName_min         = 2
+countryName_max         = 2
+# stateOrProvinceName     = State or Province Name (full name)
+# stateOrProvinceName_default = Ile de France
+# localityName            = Locality Name (city, district)
+# localityName_default    = Paris
+organizationName          = Organization Name (company)
+organizationName_default  = NodeOPCUA
+# organizationalUnitName  = Organizational Unit Name (department, division)
+# organizationalUnitName_default = R&D
+commonName                = Common Name (hostname, FQDN, IP, or your name)
+commonName_max            = 256
+commonName_default        = NodeOPCUA
+# emailAddress            = Email Address
+# emailAddress_max        = 40
+# emailAddress_default    = node-opcua (at) node-opcua (dot) com
+subjectAltName            = $ENV::ALTNAME

package/server/nodered/simple_opcua/server/certificates/own/private/private_key.pem

@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC7IYbSbk1mosq3
+NdM494XdHfuLulEf07RmRRcXhv53/iPCHTzTpyyaT9P2KItUEMf1+1m26O53gl8B
+lwbS+oCuDt34ORO0dWDoftgBXjP0uUWzseaZ7AVwXL1yorYAK11VLHU4cxfzVLKK
+5WbiB+qEiQSUG+EKHlEtmyIEbrsOGh8sZZCE4rFjavzSaCGN7bwqNMtGyFPS5FGZ
+8HvvtLqhzyz0ew0TaZKpnaFQGxtvGI686yICgutmSXqyII8OHCXQ751gLzbhvADV
+Uf/CvhX60ZCDMcGBQcFeLPkZF4CfQ2OP2OZkm/2ulS+NZXWqDFX6pvN/Zsy57q4R
+KR+x+nDFAgMBAAECggEAGofM0Q3BXIFNAz+W1DdHm8tR7AP812nQ5ET8WqIRdtqp
+oC47/vfvG2ug7f/ejQsaBnZdyFBq6repl5Sda5EHaGYEM1qIQCf6FsxQ/JSqAhK4
+XpskygLL3JvRYizOZ+S+BULZ1ah/p0iFTarrdLVRmvvAEe2H8MLOmIwrfPxj+cId
+Lb02xSX3FEf7TC4fUkTJQP52PDNT/oIZhUE807tBmlCLhAIKg3DaZhnAXILpY9q6
+HWbR1lZffzz912XY2fOeHhZI6yKH2BcciVMbP3MEuFLaEQKyYpQCYIraBlcYcGNT
+8pyIPBukaejOJ08MHZQrh6PFYzZrISRJHVriFYDfuwKBgQDm3T1UOq3DBOOo7TvG
+VgNSfxZaXRCAua12qM9f0iz7DA5waFQ8l+0oHcBikRtuvaxGq9kfmINFqUQEow4w
+YXloR5AdNgub4Q8Wb/kMYr1Qq750q5MvavhxT2PKNzONQ5f0g9E2DciSVoZeVSK4
+6q+ZyuodXw2ahLS5pJUSBCCFIwKBgQDPgVUakeePBL+g0Oy5i8DuuTErj1h2J/dA
+IYDvA3MvccQMJNf1tKkDfTdXZd/CG4JL5JNYlCzPT7V2KInXrL8sFWi6/Y+t1MXA
+E+LHI33Il4jbBBvWx9ItyBS6oouANGaO4pQZL0c720hGffK246P0RiER8T1fdeS3
+JPv+ylPU9wKBgDeQFbuY58sg+R3mAtXoS6JmPd3/ugIRLiN523cnYXYGX89D/Moc
+kpJuHqhaXizX74eOwpHtJeL1Kw6mo7qXKx4i4xd0s3SPxQ7UYi9N8FxjCVKRHLpz
+11mGDvFTOdAM7ZyGwSpuRNCbjHlVqiaxLRQplxD8mIyQ1eI8LziHz7/bAoGBAMBy
+VWh/+v8ES2kteu8Wcwe0D6szlbp3lHMQ35BMZc6Rt13/6Z6CP+Hxhpry65QNiUkz
+o4gaXHikl0oPjM/O8bpD3M7XjSKN3B0pFEDWZLjd+VoOtHb8+avmDXuOdsyfTKKl
+9u5oj6su0xg1hR4jf5J0XAVU9DONlmJY1bFXGmq/AoGAZmCwBdOA830uETdh3AOb
+cI8F1SozJOqGbTrl7GzyzOUvFxsMkD9NOHCI4LD6sDRdJM1CE1As33hNKG2v9B+C
+/MTpbWsTWCAmMhAy7QUXMqDq/g5J2WbfhcXErGps4fQxJzVt1sapedIzFBw9m5XP
+QVMSTmXF6C3wg3QbzTVsQTM=
+-----END PRIVATE KEY-----

package/server/nodered/simple_opcua/server/certificates/trusted/certs/NodeOPCUA-Client@tuf[c5a9e20a8b680cdff76aaf0165bb3c9318da37a5].pem

@@ -0,0 +1,25 @@
+-----BEGIN CERTIFICATE-----
+MIIEKjCCAxKgAwIBAgIHAXdVh2g4JzANBgkqhkiG9w0BAQsFADBRMQswCQYDVQQG
+EwJGUjEQMA4GA1UEBxMHT3JsZWFuczERMA8GA1UEChMIU3RlcmZpdmUxHTAbBgNV
+BAMMFE5vZGVPUENVQS1DbGllbnRAdHVmMB4XDTI2MDQwNzE4NDgwM1oXDTM2MDQw
+NDE4NDgwM1owUTELMAkGA1UEBhMCRlIxEDAOBgNVBAcTB09ybGVhbnMxETAPBgNV
+BAoTCFN0ZXJmaXZlMR0wGwYDVQQDDBROb2RlT1BDVUEtQ2xpZW50QHR1ZjCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKMhBslFMtRXQ2Ww7JAtPLoM7I1s
+QP7mmHOv0U7mcSLib/yksMNT0G2U5J1EHI+Km1JwTYXujJnzi/ouuuQsWUsm3zP6
+KAO1XzQuIYf8iEBblzOCA53eTvo056zNfeDoUb9l1CfQH/H6sL2js786dUpuJCG9
+fuCfgrExRbzZQrELcduwRPuVio770NK086orAzFIXaRM20F4HMkTtorsRoGUIU5s
+u6Fqy9nmdKY4w4JHQMafO3L1lHEbGuVwZmmkXmTQtBIS6W8tPSa9fh7GrlHJP4Zc
+cgcp/xuXcpWfHjJaAmUQtCuNprlywJBChlstWkJ09zj1VvqoAWd0GL7ehQkCAwEA
+AaOCAQUwggEBMFUGCWCGSAGG+EIBDQRIDEZTZWxmLXNpZ25lZCBjZXJ0aWZpY2F0
+ZSBnZW5lcmF0ZWQgYnkgTm9kZS1PUENVQSBDZXJ0aWZpY2F0ZSB1dGlsaXR5IFYy
+MAwGA1UdEwEB/wQCMAAwIAYDVR0lAQH/BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC
+MA4GA1UdDwEB/wQEAwIC9DAdBgNVHQ4EFgQUVOT0LzYI7XAMQ11FOV/+tUCUkvYw
+HwYDVR0jBBgwFoAUVOT0LzYI7XAMQ11FOV/+tUCUkvYwKAYDVR0RBCEwH4IDdHVm
+hhh1cm46dHVmOk5vZGVPUENVQS1DbGllbnQwDQYJKoZIhvcNAQELBQADggEBABiN
+x0XNf1nDyRyJQCQ4GMS9e/xrjO3FV106IJRPEosoB10R7zBL92ra4+3AilGnNOeM
+1O5eIel67DNL2kjw+5ggagtOmhJ3g3ZXFMpF08BeKnMwavoLs74yBZVFDq+2fOxs
+kDdMX5TOpC4kZHMG5G9Cha9mcWjYSAYWVko/WCfby4D+MQiwraAraDL12uFcRVnP
+htDTuNxs+dfKefiIsTgSlkJMisfGEV/EzmwSsTpvtuUZ5DwKddolRGsB/cXqTjc0
+vGxHFjsuqp77gUyb9LNqE8ENi7pOZQFFhAmjSXTXcklWVynycgQ1E0TSNNQio4Xi
+QZtA1NgPnLI6b2kubUQ=
+-----END CERTIFICATE-----