Server: some certificate validation steps specific errors shall be returned to client
As discussed in OPC UA mantis issue 8938, the following certificate validation specific errors shall be returned:
- OpcUa_BadCertificateTimeInvalid
- OpcUa_BadCertificateHostNameInvalid
- OpcUa_BadCertificateUriInvalid
- OpcUa_BadCertificateUseNotAllowed
- OpcUa_BadCertificateIssuerUseNotAllowed
- OpcUa_BadCertificateRevocationUnknown
- OpcUa_BadCertificateIssuerRevocationUnknown
- OpcUa_BadCertificateRevoked
- OpcUa_BadCertificateIssuerRevoked
Returning those error codes to client is expected for usability and are not a security concern. The part 2 will be modified to reflect that part 4 details the error code to return instead of returning only a generic code.