TC_087_CS — TLS - Client-side certificate - valid certificate
TC_087_CS — TLS - Client-side certificate - valid certificate
Source: OCPP 1.6 — Compliancy Testing Tool — Test Case Document (Trial 2025-06, Draft). System Under Test: Charge Point, page 111.
Identification
| Field | Value |
|---|---|
| Test case name | TLS - Client-side certificate - valid certificate |
| Test case Id | TC_087_CS |
| System under test | Charge Point |
Description
The Charge Point uses a client-side certificate to identify itself to the Central System, when using security profile 3.
Purpose
To verify whether the Charge Point is able to provide a valid client certificate and setup a secured WebSocket connection.
Prerequisite(s)
The Charge Point supports security profile 3.
Before (Preparations)
Configuration State(s):
- N/a
Memory State(s):
- N/a
Reusable State(s):
- N/a
Scenario Detail(s)
- N/a
Tool validation(s)
Charge Point side:
Step 4:
The OCTT validates the following before finishing the TLS handshake:
- The Charge Point must use TLS version 1.2 or above At least the following set of cipher suites must be supported: (TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 AND TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384) OR (TLS_RSA_WITH_AES_128_GCM_SHA256 ANAD TLS_RSA_WITH_AES_256_GCM_SHA384)
- When using RSA or DSA the key must be at least 2048 bits long. and when using elliptic curve cryptography the key must be at least 224 bits long.
- The received Client side certificate must be transmitted in the X.509 format encoded in Privacy-Enhanced Mail (PEM) format.
- The certificate must include a serial number.
- The subject field of the certificate must contain a commonName RDN which consists of the unique serial number of the Charge Point. NOTE: If one of the above validations fails, the OCTT can still setup the WebSocket connection (if it is able to), but the testcase will FAIL and the OCTT reports why it failed. Post scenario validations: N/a
Central System side:
- N/a
Expected result(s) / behaviour
Charge Point side:
- N/a
Central System side:
- N/a