Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: correct csms_leaf_cert_directory default value in EvseSecurity #1010

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

fix: correct csms_leaf_cert_directory default value in EvseSecurity #1010

wants to merge 1 commit into from
+1 −1

Conversation

cakira
Copy link

@cakira cakira commented Jan 17, 2025

Describe your changes

This pull request fixes a bug that impeded me from connecting to a CSMS server with OCPP Profile 3.

The csms_leaf_cert_directory should point to the directory where CSMS
leaf certificates are stored. However, the current default value
(client/csms) does not reflect the actual location. The certificates
are placed in ca/csms by the script
Josev/iso15118/shared/pki/create_certs.sh.

The directory certs/ca/csms/ contains:
  - CPO_SUB_CA1.pem
  - CPO_SUB_CA1_LEAF.der
  - CPO_SUB_CA2.pem
  - CPO_SUB_CA2_LEAF.der

Meanwhile, certs/client/csms/ is used to store the private keys:
  - CPO_SUB_CA1.key
  - CPO_SUB_CA2.key

This commit updates the default value of csms_leaf_cert_directory in
EvseSecurity to ca/csms, to match the directory structure created by
the script.

Issue ticket number and link

None

Checklist before requesting a review

  • I have performed a self-review of my code
  • I have made corresponding changes to the documentation
  • I read the contribution documentation and made sure that my changes meet its requirements

@cakira
fix: correct csms_leaf_cert_directory default value in EvseSecurity
135bc65 
The csms_leaf_cert_directory should point to the directory where CSMS
leaf certificates are stored. However, the current default value
(client/csms) does not reflect the actual location. The certificates
are placed in ca/csms by the script
Josev/iso15118/shared/pki/create_certs.sh.

The directory certs/ca/csms/ contains:
  - CPO_SUB_CA1.pem
  - CPO_SUB_CA1_LEAF.der
  - CPO_SUB_CA2.pem
  - CPO_SUB_CA2_LEAF.der

Meanwhile, certs/client/csms/ is used to store the private keys:
  - CPO_SUB_CA1.key
  - CPO_SUB_CA2.key

This commit updates the default value of csms_leaf_cert_directory in
EvseSecurity to ca/csms, to match the directory structure created by
the script.

Signed-off-by: Akira - Cleber Akira Nakandakare <[email protected]>
@cakira
Copy link
Author

cakira commented Jan 17, 2025

In the same file (modules/EvseSecurity/manifest.yaml), it seems that secc_leaf_cert_directory default value should also be changed, from client/cso to ca/cso.

However, I decided not to change it because I don’t know how to test it yet.

@AssemblyJohn
Copy link
Contributor

This issue seems to be more related to the cert generation and config (which is modifiable by end-users anyway) and this PR should fix it in an attempted cleaner manner: #399

Further modifications should be done in that PR.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@AssemblyJohn AssemblyJohn Awaiting requested review from AssemblyJohn AssemblyJohn is a code owner

@Pietfried Pietfried Awaiting requested review from Pietfried Pietfried is a code owner

@hikinggrass hikinggrass Awaiting requested review from hikinggrass hikinggrass is a code owner

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@cakira @AssemblyJohn