HTTPs Support

This article is relevant for all .Net products

Does the SDK support HTTPS UA Binary & HTTPS UA XML facets?
The SDK supports only the binary encoding for HTTPS.

Does the SDK support HTTPS protocol over a VPN tunnel?
The SDK cannot establish a VPN connection. This has to be done by a third party program.
Once a VPN connection is established, the target network is treated like a local network and the OPC UA communication should work. We didn't test such a VPN connection scenario yet.

How HTTPS certificates (Client and Server) are supported by the SDK?
PKI configuration, self-signed, CA-chain, etc.
In OPC UA, every application requires to have an application instance certificate, which is used for anything related to security.
This specific application instance certificate is used also for the HTTPS communication.
The SDK supports all common certificate features (self signed certificates, CA-chains, revocation lists ...).

Note: As HTTPS is always encrypted, the trust relationship between Client and Server must be established before the very first communication.
Some other OPC UA clients can have problems using typically insecure services
(like GetEndpoints) on a secure HTTPS channel.