README
node-opcua-local-discovery-server
A local discovery server made with node-opcua that you can easily deploy using npm or docker
installing the LDS using npm
$ npm install -g node-opcua-local-discovery-server
$ lds --version
running from NPX
$npx node-opcua-local-discovery-server --help
Command | type | alias | default | comment |
---|---|---|---|---|
--help | display help message | |||
--version | display the node-opcua version used by the lds | |||
--alternateHostname | alternate compute name used when certificate is created (see note) | |||
--force | boolean | -f | false | force the creation of the certificate (overwrite existing certificate) (see note) |
--port | number | -p | 4840 | the LDS tcp listening port |
--tolerant | boolean | -t | true | if set, the LDS will automatically accept as valid any new server certificate |
notes!
LDS certificate is only created the first time he LDS program is run or if the certificate file cannot be found or if the
--force
argument is passed to the command line.alternateHostname
must be set appropriately when certificate is created.it is recommended to use
--tolerant false
in production environment for extra securityif
--tolerant false
is set to false, your server may fail to register itself to the LDS,as LDS will reject the connection because the certificate is not known. You will have to make sure that your server certificate file existing the trusted folder ( and is not present in the rejected folder of the lds pki).the LDS display in the console the location of the
trusted
certificate folders,you can manually move rejected certificate file from the rejected folder to the trusted/cert folder to trust them.
if
--tolerant true
or not specified, then the LDS accept secure connection from any server, unless server certificate appears in therejected
folder already.
# docker run sterfive/lds:latest --help
Options:
--version Show version number [boolean]
--alternateHostname
--help Show help [boolean]
-n, --applicationName the application name [string]
-p, --port port to listen to (default: 4840) [number]
-f, --force force recreation of LDS self-signed certification (taking into account alternateHostname) [boolean]
-t, --tolerant automatically accept unknown registering server certificate [boolean]
running LDS in a docker container
in the background
under linux
$ docker run -d -p 4840:4840 -v /temp/lds-config:/root/.config -e HOSTNAME=`hostname --fqdn` sterfive/lds:latest
on windows
$ docker run -d -p 4840:4840 -v C:\temp\lds-config:/root/.config -e HOSTNAME=%COMPUTERNAME% sterfive/lds:latest
interactively
if you want to run the lds interactively use -it
instead of -d
in the above commands.
passing argument
You can pass some command arguments to the LDS when you run it with docker. Simply add them after lds
checking the discovery server certificate
- By using the
-v
command the generated certificate will be in a permanent drive of your docker host machine. - Next time you run the LDS the certificate will not be recreated if it exists already unless you use the
-f
command. - you can check that the certificate with openssl using this command:
openssl x509 -in c:\sterfive_config\node-opcua-local-discovery-server-nodejs\pki\local_discovery_server_certificate.pem -text