Skip to content

Certificate Management (UCs M03 - M05)#262

Merged
matth-x merged 5 commits intomasterfrom
feature/cert-store
Feb 27, 2024
Merged

Certificate Management (UCs M03 - M05)#262
matth-x merged 5 commits intomasterfrom
feature/cert-store

Conversation

@matth-x
Copy link
Owner

@matth-x matth-x commented Feb 27, 2024
edited
Loading

Add support for CSMS certificates based on the OCPP 1.6 Security white paper / OCPP 2.0.1 use cases M03 - M05.

Implemented OCPP messages:

  • DeleteCertificate
  • GetInstalledCertificateIds
  • InstallCertificate

The certificate management can be used in two fashions:

  • The OCPP lib receives the requests from the server and forwards them to the certificate manager of the host system
  • The OCPP lib recieves the requests and implements a minimal certificate manager to process them. The certs are stored on the flash file system and the host TLS client can access them by reading the cert files.

To integrate the certificate manager of the host system, an adapter of the CertificateStore interface needs to be passed to mocpp_initialize(...) during the initialization. If the integration is in C-space, then the interface is ocpp_certificate_store.

To use the built-in minimal certificate manager, Mbed-TLS needs to be on the include path. Set the build flag MO_ENABLE_MBEDTLS=1 to enable the cert manager (and in future all modules which rely on Mbed-TLS). At the moment, only Mbed-TLS v2.28.1 is supported, but contributions for the support of further versions are highly welcome.

@matth-x matth-x merged commit bbf984a into master Feb 27, 2024
@matth-x matth-x deleted the feature/cert-store branch March 3, 2024 18:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@matth-x