TC_M_30_CS — Install CA certificate - AdditionalRootCertificateCheck - Reconnect using new CSMS Root - Success
TC_M_30_CS — Install CA certificate - AdditionalRootCertificateCheck - Reconnect using new CSMS Root - Success
Source: OCPP 2.0.1 Part 6 — Test Cases (Core & Advanced Security, FINAL, 2023-06-30) — Functional block M. ISO 15118 CertificateManagement, page 274.
Identification
| Field | Value |
|---|---|
| Test case name | Install CA certificate - AdditionalRootCertificateCheck - Reconnect using new CSMS Root - Success |
| Test case Id | TC_M_30_CS |
| Use case Id(s) | M05 |
| Requirement(s) | M05.FR.13 |
| System under test | Charging Station |
| Functional block | M. ISO 15118 CertificateManagement |
Description
The CSMS is able to request the Charging Station to install new Root CA certificates using the InstallCertificateRequest message.
Purpose
To verify if the Charging Station is able to reconnect to the CSMS, while using a new CSMS Root certificate.
Prerequisite(s)
- The Charging Station has the configuration variable AdditionalRootCertificateCheck implemented with value true
- The at the OCTT configured new CSMSRootCertificate must be signed by the old CSMS Root certificate.
Before (Preparations)
Configuration State:
- N/a
Memory State:
- CertificateInstalled for certificateType CSMSRootCertificate and certificate <Configured new CSMS Root certificate 2> If security profile 3 is enabled, then: RenewChargingStationCertificate for certificateType ChargingStationCertificate
Reusable State(s):
- N/a
Main (Test scenario)
| Charging Station | CSMS |
|---|---|
| 2. The Charging Station responds with a ResetResponse | 1. The OCTT sends a ResetRequest; with type OnIdle |
| 4. During the TLS handshake the Charging Station validates the CSMS certificate.; Note(s):; - This connection attempt must succeed. | 3. During the TLS handshake the OCTT provides a CSMS certificate which is signed by the <Configured new CSMS Root certificate> |
| 5. Execute Reusable State Booted | |
| 7. The Charging Station responds with a GetInstalledCertificateIdsResponse | 6. The OCTT sends a GetInstalledCertificateIdsRequest; with certificateType is CSMSRootCertificate |
Tool validations
Step 2:
Message ResetResponse
- status Accepted
Step 7:
Message: GetInstalledCertificateIdsResponse
- status must be Accepted
- certificateHashDataChain must NOT contain an entry with following values:
- certificateType is CSMSRootCertificate
- certificateHashData contains <HashData from configured old CSMS Root certificate>
Post scenario validations
- N/a