The open62541 OPC UA stack relies on external libraries to implement cryptographic functions. As open62541 strives to be flexible, it does not rely on one fixed library – it rather provides a plugin interface that needs to be implemented. The first implementation was an integration against the mbedTLS library which was added during the 0.3 release cycle. Windriver contributed a plugin to use OpenSSL instead (1.1 release series).
basysKom recently extended this plugin to also accept PEM-based input. PEM is a file format used for certificates and keys which is specified by an RFC and is a preferred format for a lot of open source software. The pull request has been merged and our contribution is available from the 1.1 branch (and will also hit the master branch soon).
A second pull request which adds PEM support for the local (client or server) certificate to the OpenSSL and mbedTLS plugins has also been merged.
basysKom is currently working on adding support for password protected private keys in open62541. A first pull request for this feature can be found here.
basysKom is an active contributor to the open62541 project and is also offering commercial support services around this stack. Come talk to us for feature development, bugfixing or guidance on how to apply open62541 in your project.