TC_A_23_CS — Update Charging Station Certificate by request of CSMS - CertificateSignedRequest Timeout
TC_A_23_CS — Update Charging Station Certificate by request of CSMS - CertificateSignedRequest Timeout
Source: OCPP 2.0.1 Part 6 — Test Cases (Core & Advanced Security, FINAL, 2023-06-30) — Functional block A. Security, page 20.
Identification
| Field | Value |
|---|---|
| Test case name | Update Charging Station Certificate by request of CSMS - CertificateSignedRequest Timeout |
| Test case Id | TC_A_23_CS |
| Use case Id(s) | A02 & F06 |
| Requirement(s) | A02.FR.17,A02.FR.18 |
| System under test | Charging Station |
| Functional block | A. Security |
Description
The CSMS is able to request the Charging Station to update its charging station certificate using the TriggerMessageRequest message.
Purpose
To verify if the Charging Station is able to send a new signCertificateRequest when it did not receive a certificateSignedRequest after the configured timeout.
Prerequisite(s)
- The charging station supports security profile 3
- The Charging Station supports the CertificateSignedRequest Timeout feature
Before (Preparations)
Configuration State:
- SecurityCtrlr.CertSigningWaitMinimum is <Configured CertSigningWaitMinimum> SecurityCtrlr.CertSigningRepeatTimes is 1
Memory State:
- N/a
Reusable State(s):
- N/a
Main (Test scenario)
| Charging Station | CSMS |
|---|---|
| 2. The Charging Station responds with a TriggerMessageResponse | 1. The OCTT sends a TriggerMessageRequest; With requestedMessage SignChargingStationCertificate |
| 3 The Charging Station sends a SignCertificateRequest | 4. The OCTT responds with a SignCertificateResponse; With status Accepted |
| 5. The OCTT does NOT send the CertificateSignedRequest and waits for the SignCertificateRequest to be resend after the <Configured CertSigningWaitMinimum> | |
| 6 The Charging Station sends a SignCertificateRequest | 7. The OCTT responds with a SignCertificateResponse; With status Accepted |
| 8. The OCTT does NOT send the CertificateSignedRequest and waits for the SignCertificateRequest to be resend after the <Configured CertSigningWaitMinimum> times 2 | |
| 9 The Charging Station sends a SignCertificateRequest | 10. The OCTT responds with a SignCertificateResponse; With status Accepted |
| 12. The Charging Station responds with a CertificateSignedResponse | 11. The OCTT sends a CertificateSignedRequest; With certificateChain <Certificate generated from the received CSR from step 3 and signed by the provided CSMS Root certificate> certificateType ChargingStationCertificate |
Tool validations
Step 2:
Message: TriggerMessageResponse
- status must be Accepted
Step 3/6/9:
Message: SignCertificateRequest
- csr must contain <An CSR that meets the following requirements: When using RSA or DSA the key must be at least 2048 bits long. and when using elliptic curve cryptography the key must be at least 224 bits long. The received CSR must be transmitted as described in RFC 2986 and then encoded in Privacy-Enhanced Mail (PEM) format.>
Step 5:
- The Charging Station shall not resend the SignCertificateRequest before the <Configured CertSigningWaitMinimum> expired
Step 8:
- The Charging Station shall not resend the SignCertificateRequest before the <Configured CertSigningWaitMinimum> times 2 expired
Step 12:
Message: CertificateSignedResponse
- status must be Accepted
Post scenario validations
- N/a