General
For an OPC UA application to coexist and communicate properly in the operating system and in the OPC UA ecosystem, it needs to fulfill certain conditions and integrate with the environment in the prescribed way. In code, this is what the OPC UA Application object offers. Some aspects of most OPC UA applications need to be administered by the end user. For Windows desktop applications, OPC Studio offers a ready-made dialog for this, and you can integrate this dialog into your application.
The "Administer OPC UA Application" dialog allows:
- Viewing and managing trusted certificates. The user can change the Trusted, Issuer and Rejected states of the certificates, import certificates, and delete certificates.
- Managing the application's own certificate, either using the self-signed approach or obtaining it from an OPC UA Global Discovery Server (GDS). The application certificate can be exported or imported. The user can also protect the private key of the certificate with a password, or unprotect it. Automatic fixes are offered for common issues with the application certificate.
- Viewing the OPC UA application manifest.
Dialog Invocation
The dialog can be integrated into your application in the following ways:
With any of the above methods, you can specify whether the end user will be allowed to change the password to the private key of the application's own certificate. Changing the private key password should be disallowed if your application logic maintains the password itself, or if you have not implemented the logic to persist the private key password. If the user is allowed to change the private key password but your application does not persist it, the password will be incorrect the next time the application is run, and the application will not work.
Dialog Configuration
Before the dialog is run, you can influence some of its aspects. The methods related to invoking the dialog (see above) have overloads with arguments for that. Some of the relevant configuration options are described below.
- You can specify whether the interactive user will be allowed to change the password to the private key of the application certificate. Changing the password should only be allowed if there is a way to persist the new password; otherwise the application may lose access to the private key of the application certificate.
- You can specify whether the user interface for Pull Certificate Management will be available to the interactive user. Pull Certificate Management is typically used with OPC UA clients. OPC UA servers typically use Push Certificate Management, although they can use Pull Certificate Management as well.
Operations
For the end-user documentation, i.e. how you or the user of your application can operate the dialog, see Dialog: Administer OPC UA Application.
In this version, the operations on the OPC UA application are always scoped to the currently running executable. In some environments, the same top-level executable might be used for multiple logical programs. This typically happens with interpreted languages, such as VBScript or Python. Keep in mind that OPC UA requires that each OPC UA application is uniquely identified. In this case, however, if the interpreter is used to run different programs, they will all look like a single OPC UA application.