citrineos-core icon indicating copy to clipboard operation
citrineos-core copied to clipboard

Published 20 hours ago verified publisher icon citrineos

Certificate Part 3: Add Generate Certificate Endpoint

Open lydiazcheng opened this issue 10 months ago • 0 comments

Changes

This PR adds 2 new endpoints:

  1. generate root certificate
    • either create a self signed root certificate and a sub CA
    • or only create a sub CA and sign it by an external ca root certificate (use acme client and Let'e encrypt root cert)
  2. install root certificate to charger.
    • if fileId is set in the request body, this endpoint will install the given file to charger
    • if not, the endpoint will get the external root CA according to the certificate type, e.g., if certificateType is V2GRootCertificate, it get root CA from hubject and install it.

Local Test

Test case 1: create self signed root CA and sub CA

  1. call endpoint and get the generated certificate entities in the response body. Screenshot 2024-05-15 at 12 51 43 PM
  2. generated certs and keys are stores in directus files Screenshot 2024-05-15 at 12 52 32 PM

Test case 2: install root certificate to charger

  1. install self signed CSMSRootCertificate: Screenshot 2024-05-15 at 12 53 51 PM Screenshot 2024-05-15 at 12 54 18 PM
  2. install external CSMSRootCertificate from Lets encrypt Screenshot 2024-05-15 at 12 55 57 PM Screenshot 2024-05-15 at 12 56 16 PM
  3. install external V2GRootCertificate from hubject Screenshot 2024-05-15 at 12 57 25 PM Screenshot 2024-05-15 at 12 57 40 PM

Test case 3: create sub CA signed by external CA server TBD

Test case 4: Everest connect to Citrine using self signed root CA without no matched ciphers error TBD

lydiazcheng avatar Apr 18 '24 14:04 lydiazcheng