Documentation Menu

TC_M_09_CS — Install CA certificate - AdditionalRootCertificateCheck - Rejected

Source: OCPP 2.0.1 Part 6 — Test Cases (Core & Advanced Security, FINAL, 2023-06-30) — Functional block M. ISO 15118 CertificateManagement, page 273.

Identification

Field	Value
Test case name	Install CA certificate - AdditionalRootCertificateCheck - Rejected
Test case Id	TC_M_09_CS
Use case Id(s)	M05
Requirement(s)	M05.FR.10,M05.FR.11
System under test	Charging Station
Functional block	M. ISO 15118 CertificateManagement

Description

The CSMS is able to request the Charging Station to install new Root CA certificates using the InstallCertificateRequest message.

Purpose

To verify if the Charging Station is able to reject installing a new CSMSRootCertificate that is not signed by the old CSMSRootCertificate, while additional security measures for installing a root certificate is active.

Prerequisite(s)

The Charging Station has the configuration variable AdditionalRootCertificateCheck implemented with value true

Before (Preparations)

Configuration State:

Memory State:

Reusable State(s):

Main (Test scenario)

Charging Station	CSMS
2. The Charging Station responds with a InstallCertificateResponse	1. The OCTT sends a InstallCertificateRequest; with certificateType is CSMSRootCertificate certificate is <Configured CSMSRootCertificate>; Note(s):; - CSMSRootCertificate must have not been signed by old certificate.
4. The Charging Station responds with a GetInstalledCertificateIdsResponse	3. The OCTT sends a GetInstalledCertificateIdsRequest; with certificateType is CSMSRootCertificate

Tool validations

Step 2:

Message: InstallCertificateResponse

status must be Rejected

Step 4:

Message: GetInstalledCertificateIdsResponse

status must be Accepted
certificateHashDataChain must contain one entry with following values:
certificateType is CSMSRootCertificate
certificateHashData contains <HashData from configured old CSMS Root certificate>

TC_M_09_CS — Install CA certificate - AdditionalRootCertificateCheck - Rejected