OCPP 2.0.1 Edition 4 Section M + A02/A03

Certificate Management Flows - CSMS Developer Guide

Based on OCPP 2.0.1 Edition 4 Specification (Part 2), Section M (pages 304-320) and Section A Security (A02, A03). This guide covers all certificate management flows from the CSMS perspective.

6 Sections

8 Use Cases

M01 - M06, A02 - A03

1. Overview & Background

Introduction

Section M covers the management of ISO 15118 certificates used for Plug & Charge (PnC) and the general certificate lifecycle on Charging Stations. The ISO 15118 standard enables an EV to authenticate and authorize itself for charging using X.509 certificates, eliminating the need for RFID cards or other external identification.

PKI Structure (ISO 15118)

Four PKIs are relevant:

CSO (Charging Station Operator)

Trust anchor is V2G Root CA

CPS (Certificate Provisioning Service)

Trust anchor is V2G Root CA

MO (Mobility Operator)

May have its own Root CA or derive from V2G Root

OEM (Car Manufacturer)

Has its own Root CA

Certificate Types on the Charging Station

Type	Description
`V2GChargingStationCertificate`	SECC Certificate / EVSE Leaf Certificate. Used for TLS between CS and EV. Valid 2-3 months per ISO 15118.
`V2GRootCertificate`	ISO 15118 V2G Root. The V2G CS Certificate MUST be derived from this root.
`MORootCertificate`	eMobility Service Provider root. Supports PnC with contracts from providers not derived from V2G root.
`CSMSRootCertificate`	Root certificate for the CSMS connection.
`ManufacturerRootCertificate`	Root certificate from the Charging Station manufacturer (for firmware signing).

Certificate to Use Case Mapping

Certificate	Used For	Use Case	Remark
`ChargingStationCertificate`	CS-CSMS connection	A02, A03	Used for OCPP security in general
`V2GChargingStationCertificate`	CS-EV TLS (15118)	A02, A03	SECC cert, may be same as CS cert
`V2GRootCertificate`	Trust anchor for V2G	M05 (install), M03/M04 (manage)
`MORootCertificate`	Validate MO contracts	M05 (install), M03/M04 (manage)
`CSMSRootCertificate`	Trust CSMS server cert	M05 (install), M03/M04 (manage)
`ManufacturerRootCertificate`	Firmware signature verification	M05 (install), M03/M04 (manage)

2. Certificate Types in OCPP

Enums

These enumerations are used across various certificate management messages to identify certificate types and operations.

2.1 InstallCertificateUseEnumType

Used in InstallCertificateRequest to specify the type of root/CA certificate being installed.

InstallCertificateUseEnumType

"V2GRootCertificate" | "MORootCertificate" | "CSMSRootCertificate" | "ManufacturerRootCertificate"

2.2 GetCertificateIdUseEnumType

Used in GetInstalledCertificateIdsRequest to filter by certificate type.

GetCertificateIdUseEnumType

"V2GRootCertificate" | "MORootCertificate" | "CSMSRootCertificate" | "V2GCertificateChain" | "ManufacturerRootCertificate"

2.3 CertificateSigningUseEnumType

Used in SignCertificate and CertificateSigned messages.

CertificateSigningUseEnumType

"ChargingStationCertificate" | "V2GCertificate"

2.4 CertificateActionEnumType

Used in Get15118EVCertificateRequest to indicate whether this is an install or update operation.

CertificateActionEnumType

"Install" | "Update"

2.5 HashAlgorithmEnumType

Used in certificate hash data to specify the hashing algorithm.

HashAlgorithmEnumType

"SHA256" | "SHA384" | "SHA512"

3. OCPP Messages Used in Certificate Management

Protocol

Overview of all OCPP messages involved in certificate management flows, including their direction and which use cases reference them.

Incoming Messages (CS to CSMS)

Message	Direction	Used In
`Get15118EVCertificateRequest/Response`	CS → CSMS	M01, M02
`GetCertificateStatusRequest/Response`	CS → CSMS	M06
`SignCertificateRequest/Response`	CS → CSMS	A02, A03

Outgoing Messages (CSMS to CS)

Message	Direction	Used In
`CertificateSignedRequest/Response`	CSMS → CS	A02, A03
`GetInstalledCertificateIdsRequest/Response`	CSMS → CS	M03
`DeleteCertificateRequest/Response`	CSMS → CS	M04
`InstallCertificateRequest/Response`	CSMS → CS	M05
`TriggerMessageRequest/Response`	CSMS → CS	A02 (trigger CSR)

CSMS Handler Summary: The CSMS needs to handle 3 incoming messages (Get15118EVCertificateRequest, GetCertificateStatusRequest, SignCertificateRequest) and can initiate 5 outgoing messages to manage certificates on Charging Stations.

4. Certificate Flows

Use Cases M01-M06

M01

Certificate Installation EV

Install a new ISO 15118 contract certificate on an EV via the Charging Station.

Actors: EV, Charging Station, CSMS, CPS (Certificate Provisioning Service)

During an ISO 15118 session, the EV may request a new contract certificate installation. The Charging Station proxies this request to the CSMS using Get15118EVCertificateRequest. The CSMS communicates with the Certificate Provisioning Service (CPS) backend to process the request and returns the result.

Flow Diagram

EV                     Charging Station                    CSMS                    CPS
 |                           |                              |                       |
 |--CertificateInstallReq-->|                              |                       |
 |                           |--Get15118EVCertificateReq-->|                       |
 |                           |  (action=Install,            |                       |
 |                           |   iso15118SchemaVersion,     |--forward EXI--------->|
 |                           |   exiRequest)                |                       |
 |                           |                              |<--EXI response--------|
 |                           |<-Get15118EVCertificateResp--|                       |
 |                           |  (status, exiResponse)       |                       |
 |<-CertificateInstallRes--|                              |                       |

CSMS Receives: Get15118EVCertificateRequest

Charging Station --> CSMS

Get15118EVCertificateRequest (M01)

{
  "iso15118SchemaVersion": "urn:iso:15118:2:2013:MsgDef",
  "action": "Install",
  "exiRequest": "<Base64-encoded CertificateInstallationReq from EV>"
}

Field	Type	Required	Description
`iso15118SchemaVersion`	string	Yes	Schema version of the 15118 session between EV and CS. Max 50 chars.
`action`	CertificateActionEnumType	Yes	"Install" for M01
`exiRequest`	string	Yes	Raw CertificateInstallationReq from EV, Base64 encoded. Max 5600 chars.

CSMS Must Do:

Parse the iso15118SchemaVersion to determine which ISO 15118 schema to use for decoding.
Forward the exiRequest (Base64-encoded EXI) to the Certificate Provisioning Service (CPS) backend.
Receive the signed CertificateInstallationRes from the CPS.
Return the response as Base64-encoded EXI in exiResponse.

CSMS Responds: Get15118EVCertificateResponse

CSMS --> Charging Station

Get15118EVCertificateResponse (M01)

{
  "status": "Accepted",
  "exiResponse": "<Base64-encoded CertificateInstallationRes for EV>"
}

Field	Type	Required	Description
`status`	Iso15118EVCertificateStatusEnumType	Yes	"Accepted" or "Failed"
`statusInfo`	StatusInfoType	No	Additional status information
`exiResponse`	string	Yes	Raw CertificateInstallationRes for EV, Base64 encoded. Max 5600 chars.

Status values:

Accepted - Request processed successfully, exiResponse contains valid response for EV.
Failed - Could not process the request (e.g., CPS unreachable, invalid request).

Requirements (CSMS Perspective):

ID	Requirement
`M01.FR.01`	The CSMS SHALL be able to receive and process Get15118EVCertificateRequest with action = Install.
`M01.FR.02`	The CSMS SHALL forward the EXI request to the appropriate CPS/backend for certificate provisioning.
`M01.FR.03`	The CSMS SHALL return the CPS response as Base64-encoded EXI in exiResponse.
`M01.FR.04`	If the CPS is unreachable or returns an error, the CSMS SHALL respond with status = Failed.

M02

Certificate Update EV

Update an existing ISO 15118 contract certificate on an EV via the Charging Station.

Actors: EV, Charging Station, CSMS, MO (Mobility Operator)

Same mechanism as M01, but the EV sends a CertificateUpdateReq instead of CertificateInstallationReq. The Charging Station proxies it as a Get15118EVCertificateRequest with action = "Update".

Flow Diagram

EV                     Charging Station                    CSMS                    MO/CPS
 |                           |                              |                       |
 |--CertificateUpdateReq--->|                              |                       |
 |                           |--Get15118EVCertificateReq-->|                       |
 |                           |  (action=Update,             |                       |
 |                           |   iso15118SchemaVersion,     |--forward EXI--------->|
 |                           |   exiRequest)                |                       |
 |                           |                              |<--EXI response--------|
 |                           |<-Get15118EVCertificateResp--|                       |
 |                           |  (status, exiResponse)       |                       |
 |<-CertificateUpdateRes---|                              |                       |

CSMS Receives: Get15118EVCertificateRequest

Same schema as M01. The only difference is the action field:

Get15118EVCertificateRequest (M02)

{
  "iso15118SchemaVersion": "urn:iso:15118:2:2013:MsgDef",
  "action": "Update",
  "exiRequest": "<Base64-encoded CertificateUpdateReq from EV>"
}

CSMS Must Do:

Same as M01, but route to the MO backend (or appropriate certificate update service).
The exiRequest contains a CertificateUpdateReq (not CertificateInstallationReq).
Return the CertificateUpdateRes as Base64 in exiResponse.

CSMS Responds: Get15118EVCertificateResponse

Identical schema to M01 response.

Get15118EVCertificateResponse (M02)

{
  "status": "Accepted",
  "exiResponse": "<Base64-encoded CertificateUpdateRes for EV>"
}

Requirements (CSMS Perspective):

ID	Requirement
`M02.FR.01`	The CSMS SHALL be able to receive and process Get15118EVCertificateRequest with action = Update.
`M02.FR.02`	The CSMS SHALL forward the EXI update request to the MO/CPS backend.
`M02.FR.03`	The CSMS SHALL return the update response as Base64-encoded EXI in exiResponse.

M03

Retrieve List of Available Certificates from a Charging Station

Allow the CSMS to query which certificates are installed on a Charging Station.

Actors: CSMS, Charging Station

The CSMS sends a GetInstalledCertificateIdsRequest to retrieve information about certificates currently installed on the Charging Station. This can be used for certificate inventory management, pre-deletion checks, or auditing.

Flow Diagram

CSMS                                    Charging Station
 |                                           |
 |--GetInstalledCertificateIdsRequest------->|
 |  (certificateType: [...])                 |
 |                                           |
 |<-GetInstalledCertificateIdsResponse-------|
 |  (status, certificateHashDataChain: [...])|

CSMS Sends: GetInstalledCertificateIdsRequest

CSMS --> Charging Station

GetInstalledCertificateIdsRequest

{
  "certificateType": ["V2GRootCertificate", "MORootCertificate"]
}

Field	Type	Required	Description
`certificateType`	array of GetCertificateIdUseEnumType	No	Filter by certificate type(s). When omitted, all types are requested.

CSMS Receives: GetInstalledCertificateIdsResponse

Charging Station --> CSMS

GetInstalledCertificateIdsResponse

{
  "status": "Accepted",
  "certificateHashDataChain": [
    {
      "certificateType": "V2GRootCertificate",
      "certificateHashData": {
        "hashAlgorithm": "SHA256",
        "issuerNameHash": "...",
        "issuerKeyHash": "...",
        "serialNumber": "..."
      },
      "childCertificateHashData": [
        {
          "hashAlgorithm": "SHA256",
          "issuerNameHash": "...",
          "issuerKeyHash": "...",
          "serialNumber": "..."
        }
      ]
    }
  ]
}

Field	Type	Required	Description
`status`	GetInstalledCertificateStatusEnumType	Yes	"Accepted" or "NotFound"
`statusInfo`	StatusInfoType	No	Additional status info
`certificateHashDataChain`	array of CertificateHashDataChainType	No	List of installed certificates. Min 1 item if present.

CertificateHashDataChainType fields

Field	Type	Required	Description
`certificateType`	GetCertificateIdUseEnumType	Yes	Type of this certificate
`certificateHashData`	CertificateHashDataType	Yes	Hash data of the root/main certificate
`childCertificateHashData`	array of CertificateHashDataType	No	Child certificates in the chain (min 1, max 4 items if present)

CSMS Implementation Notes:

Send GetInstalledCertificateIdsRequest to audit installed certificates.
Omit certificateType to retrieve ALL installed certificates.
Use the returned CertificateHashDataType values for subsequent DeleteCertificateRequest calls (M04).
The childCertificateHashData represents sub-CA certificates in the chain (max depth of 4).

Requirements (CSMS Perspective):

ID	Requirement
`M03.FR.01`	The CSMS SHALL be able to send GetInstalledCertificateIdsRequest to a Charging Station.
`M03.FR.02`	The CSMS SHALL handle both Accepted and NotFound status responses.
`M03.FR.03`	When status is Accepted, the CSMS SHALL process the certificateHashDataChain to maintain an inventory of installed certificates.

M04

Delete a Specific Certificate from a Charging Station

Allow the CSMS to delete a specific certificate from a Charging Station.

Actors: CSMS, Charging Station

The CSMS sends a DeleteCertificateRequest containing the hash data that uniquely identifies the certificate to delete. The hash data can be obtained from a prior GetInstalledCertificateIdsResponse (M03).

Flow Diagram

CSMS                                    Charging Station
 |                                           |
 |--DeleteCertificateRequest---------------->|
 |  (certificateHashData: {...})             |
 |                                           |
 |<-DeleteCertificateResponse----------------|
 |  (status)                                 |

CSMS Sends: DeleteCertificateRequest

CSMS --> Charging Station

DeleteCertificateRequest

{
  "certificateHashData": {
    "hashAlgorithm": "SHA256",
    "issuerNameHash": "ABC123...",
    "issuerKeyHash": "DEF456...",
    "serialNumber": "1234567890"
  }
}

Field	Type	Required	Description
`certificateHashData`	CertificateHashDataType	Yes	Identifies the certificate to delete

CSMS Receives: DeleteCertificateResponse

Charging Station --> CSMS

DeleteCertificateResponse

{
  "status": "Accepted"
}

Field	Type	Required	Description
`status`	DeleteCertificateStatusEnumType	Yes	Result of the delete operation
`statusInfo`	StatusInfoType	No	Additional status info

Status values:

Accepted - Certificate was deleted successfully.
Failed - Certificate exists but could not be deleted (e.g., in use).
NotFound - No certificate matching the hash data was found.

CSMS Implementation Notes:

Always run M03 first to get the correct CertificateHashDataType for the certificate to delete.
Handle all three status values (Accepted, Failed, NotFound).
Use this to remove expired or compromised root certificates.
Be careful not to delete certificates that are currently in use for active TLS connections or charging sessions.

Requirements (CSMS Perspective):

ID	Requirement
`M04.FR.01`	The CSMS SHALL be able to send DeleteCertificateRequest to a Charging Station.
`M04.FR.02`	The CSMS SHALL use hash data obtained from GetInstalledCertificateIdsResponse (M03) to identify the certificate.
`M04.FR.03`	The CSMS SHALL handle Accepted, Failed, and NotFound statuses.

M05

Install CA Certificate in a Charging Station

Install a root/CA certificate on the Charging Station.

Actors: CSMS, Charging Station

The CSMS sends an InstallCertificateRequest to install a root or CA certificate on the Charging Station. This is used to install V2G Root certificates, MO Root certificates, CSMS Root certificates, or Manufacturer Root certificates.

Flow Diagram

CSMS                                    Charging Station
 |                                           |
 |--InstallCertificateRequest--------------->|
 |  (certificateType, certificate)           |
 |                                           |
 |<-InstallCertificateResponse---------------|
 |  (status)                                 |

CSMS Sends: InstallCertificateRequest

CSMS --> Charging Station

InstallCertificateRequest

{
  "certificateType": "V2GRootCertificate",
  "certificate": "-----BEGIN CERTIFICATE-----\nMIID...base64...==\n-----END CERTIFICATE-----"
}

Field	Type	Required	Description
`certificateType`	InstallCertificateUseEnumType	Yes	Type of certificate being installed
`certificate`	string	Yes	PEM-encoded X.509 certificate. Max 5500 chars.

InstallCertificateUseEnumType values:

V2GRootCertificate - ISO 15118 V2G Root CA
MORootCertificate - Mobility Operator Root CA
CSMSRootCertificate - CSMS Root CA (for the CS to trust the CSMS)
ManufacturerRootCertificate - Manufacturer Root CA (for firmware signature verification)

CSMS Receives: InstallCertificateResponse

Charging Station --> CSMS

InstallCertificateResponse

{
  "status": "Accepted"
}

Field	Type	Required	Description
`status`	InstallCertificateStatusEnumType	Yes	Result of installation
`statusInfo`	StatusInfoType	No	Additional status info

Status values:

Accepted - Certificate was installed successfully.
Rejected - Certificate was rejected (e.g., invalid format, policy violation).
Failed - Installation failed (e.g., storage full, internal error).

CSMS Implementation Notes:

The certificate MUST be PEM-encoded X.509 format.
Only root/CA certificates are installed via this message - NOT leaf certificates or certificate chains.
To install a V2G Charging Station leaf certificate (SECC), use the A02/A03 flows (SignCertificate + CertificateSigned).
When installing a CSMSRootCertificate, be aware that the Charging Station will use it to verify the CSMS's TLS server certificate.
When installing a V2GRootCertificate, the Charging Station needs this to derive its V2G Charging Station Certificate for ISO 15118 communication with EVs.
Multiple V2G Root Certificates may be needed if the CS needs to support more than one V2G root.

Requirements (CSMS Perspective):

ID	Requirement
`M05.FR.01`	The CSMS SHALL be able to send InstallCertificateRequest to install root/CA certificates.
`M05.FR.02`	The certificate SHALL be in PEM-encoded X.509 format, max 5500 characters.
`M05.FR.03`	The CSMS SHALL handle Accepted, Rejected, and Failed statuses.
`M05.FR.04`	The CSMS SHALL track which root certificates are installed on each Charging Station.

M06

Get V2G Charging Station Certificate Status

Allow the Charging Station to retrieve OCSP revocation status for its V2G certificates from the CSMS.

Actors: Charging Station, CSMS, OCSP Responder

During the 15118 TLS handshake, the EV can request OCSP status of the Charging Station's certificate and intermediate certificates (OCSP stapling per IETF RFC 6961). The Charging Station may need to retrieve this OCSP information from the CSMS. The Charging Station sends a GetCertificateStatusRequest with the OCSP request data, and the CSMS queries the OCSP responder and returns the result.

Note: The CS may cache the OCSP response for future TLS handshakes with EVs.

Flow Diagram

EV                     Charging Station                    CSMS              OCSP Responder
 |                           |                              |                       |
 |                           |  [optional, for caching]     |                       |
 |                           |--GetCertificateStatusReq--->|                       |
 |                           |  (ocspRequestData)           |--OCSP Request-------->|
 |                           |                              |<--OCSP Response-------|
 |                           |<-GetCertificateStatusResp--|                       |
 |                           |  (status, ocspResult)        |                       |
 |                           |                              |                       |
 |--startTLS(rootCerts)----->|                              |                       |
 |<--TLS response (with------|                              |                       |
 |   OCSP stapling info)     |                              |                       |

CSMS Receives: GetCertificateStatusRequest

Charging Station --> CSMS

GetCertificateStatusRequest

{
  "ocspRequestData": {
    "hashAlgorithm": "SHA256",
    "issuerNameHash": "ABC123...",
    "issuerKeyHash": "DEF456...",
    "serialNumber": "1234567890",
    "responderURL": "https://ocsp.example.com/v2g"
  }
}

Field	Type	Required	Description
`ocspRequestData`	OCSPRequestDataType	Yes	OCSP request information

OCSPRequestDataType fields

Field	Type	Required	Description
`hashAlgorithm`	HashAlgorithmEnumType	Yes	SHA256, SHA384, or SHA512
`issuerNameHash`	string	Yes	Hash of the Issuer DN. Max 128 chars.
`issuerKeyHash`	string	Yes	Hash of the issuer's public key. Max 128 chars.
`serialNumber`	string	Yes	Serial number of the certificate to check. Max 40 chars.
`responderURL`	string	Yes	URL of the OCSP responder (case insensitive). Max 512 chars.

CSMS Must Do:

Extract the OCSP request data from the message.
Build an OCSP request using the provided hash algorithm, issuer name hash, issuer key hash, and serial number.
Send the OCSP request to the responderURL.
Return the DER-encoded OCSP response as Base64 in ocspResult.

CSMS Responds: GetCertificateStatusResponse

CSMS --> Charging Station

GetCertificateStatusResponse

{
  "status": "Accepted",
  "ocspResult": "<Base64-encoded DER OCSP response per IETF RFC 6960>"
}

Field	Type	Required	Description
`status`	GetCertificateStatusEnumType	Yes	"Accepted" or "Failed"
`statusInfo`	StatusInfoType	No	Additional status info
`ocspResult`	string	Conditional	DER-encoded (RFC 6960) then Base64-encoded OCSP response. Max 5500 chars. MAY only be omitted when status is not Accepted.

CSMS Implementation Notes:

The CSMS acts as a proxy between the Charging Station and the OCSP responder.
The CSMS SHOULD cache OCSP responses to reduce load on the OCSP responder.
The ocspResult is DER-encoded per IETF RFC 6960, then Base64-encoded.
When status = Accepted, ocspResult MUST be present.
When status = Failed, ocspResult MAY be omitted.

Requirements (CSMS Perspective):

ID	Requirement
`M06.FR.01`	The CSMS SHALL be able to receive and process GetCertificateStatusRequest.
`M06.FR.02`	The CSMS SHALL query the OCSP responder at the provided responderURL.
`M06.FR.03`	The CSMS SHALL return the OCSP response DER-encoded, then Base64-encoded in ocspResult.
`M06.FR.04`	If the OCSP responder is unreachable, the CSMS SHALL respond with status = Failed.
`M06.FR.05`	The CSMS SHOULD cache OCSP responses to improve performance.

5. Related Security Flows (A02 & A03)

Section A Security

These flows from Section A (Security) are closely related to certificate management. They handle updating the Charging Station's own client-side certificate (used for the CSMS connection and/or ISO 15118 SECC).

A02

Update Charging Station Certificate by Request of CSMS

CSMS initiates an update of the Charging Station's TLS client certificate.

Three certificate variants:

SignChargingStationCertificate

Trigger CSR for the CS-to-CSMS TLS client certificate

SignV2GCertificate

Trigger CSR for the ISO 15118 SECC certificate

SignCombinedCertificate

Trigger CSR for a combined certificate (both CS and V2G)

Flow — SignChargingStationCertificate variant

CSMS                                    Charging Station             Certificate Authority
 |                                           |                              |
 |--TriggerMessageRequest------------------->|                              |
 |  (requestedMessage=                       |                              |
 |   SignChargingStationCertificate)          |                              |
 |                                           |                              |
 |<-TriggerMessageResponse-------------------|                              |
 |                                           |                              |
 |  [CS generates new key pair]              |                              |
 |                                           |                              |
 |<-SignCertificateRequest-------------------|                              |
 |  (csr, certificateType=                   |                              |
 |   ChargingStationCertificate)             |                              |
 |                                           |                              |
 |--SignCertificateResponse----------------->|                              |
 |  (status=Accepted)                        |                              |
 |                                           |                              |
 |--forward CSR to CA---------------------------------------->|              |
 |                                           |                              |
 |<-signed certificate-----------------------------------------|              |
 |                                           |                              |
 |--CertificateSignedRequest---------------->|                              |
 |  (certificateChain, certificateType=      |                              |
 |   ChargingStationCertificate)             |                              |
 |                                           |                              |
 |<-CertificateSignedResponse----------------|                              |
 |  (status=Accepted or Rejected)            |                              |

V2G variant: Same flow but trigger with requestedMessage = SignV2GCertificate and optionally set evse to the EVSE of the ISO15118Ctrlr. The CS sends certificateType = V2GCertificate.

Combined variant: If the Charging Station uses the same certificate for both the CSMS connection and ISO 15118, trigger with requestedMessage = SignCombinedCertificate. The CS will generate a single CSR covering both uses.

CSMS Sends: TriggerMessageRequest

CSMS --> Charging Station

TriggerMessageRequest

{
  "requestedMessage": "SignChargingStationCertificate",
  "evse": {
    "id": 1
  }
}

Field	Type	Required	Description
`requestedMessage`	MessageTriggerEnumType	Yes	Type of message to trigger
`evse`	EVSEType	No	When triggering SignV2GCertificate, can specify the EVSE

CSMS Receives: TriggerMessageResponse

Charging Station --> CSMS

TriggerMessageResponse

{
  "status": "Accepted"
}

Field	Type	Required	Description
`status`	TriggerMessageStatusEnumType	Yes	Whether the CS will send the requested message
`statusInfo`	StatusInfoType	No	Additional status info

Status values: Accepted (CS accepted the trigger), Rejected (preconditions not met), NotImplemented (trigger not supported).

CSMS Receives: SignCertificateRequest

Charging Station --> CSMS

SignCertificateRequest

{
  "csr": "-----BEGIN CERTIFICATE REQUEST-----\nMIIC...base64...==\n-----END CERTIFICATE REQUEST-----",
  "certificateType": "ChargingStationCertificate"
}

Field	Type	Required	Description
`csr`	string	Yes	PEM-encoded CSR (Certificate Signing Request) per RFC 2986. Max 5500 chars.
`certificateType`	CertificateSigningUseEnumType	No	ChargingStationCertificate or V2GCertificate. When omitted, used for both.

CSMS Responds: SignCertificateResponse

CSMS --> Charging Station

SignCertificateResponse

{
  "status": "Accepted"
}

Field	Type	Required	Description
`status`	GenericStatusEnumType	Yes	"Accepted" or "Rejected"
`statusInfo`	StatusInfoType	No	Additional status info

CSMS Must Do After Accepting CSR:

Validate the CSR (optional checks - the CA does full validation).
Forward the CSR to the Certificate Authority (CA).
Wait for the CA to sign the certificate and return it.
Send a CertificateSignedRequest to the Charging Station with the signed certificate chain.

CSMS Sends: CertificateSignedRequest

CSMS --> Charging Station

CertificateSignedRequest

{
  "certificateChain": "-----BEGIN CERTIFICATE-----\n<leaf cert>\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\n<sub-CA cert>\n-----END CERTIFICATE-----",
  "certificateType": "ChargingStationCertificate"
}

Field	Type	Required	Description
`certificateChain`	string	Yes	Signed PEM-encoded X.509 certificate chain. Starts from leaf, followed by sub-CA certs. Max 10000 chars (configurable via MaxCertificateChainSize).
`certificateType`	CertificateSigningUseEnumType	No	ChargingStationCertificate or V2GCertificate. Required when typeOfCertificate was in the SignCertificateRequest AND both connection types are implemented.

CSMS Receives: CertificateSignedResponse

Charging Station --> CSMS

CertificateSignedResponse

{
  "status": "Accepted"
}

Field	Type	Required	Description
`status`	CertificateSignedStatusEnumType	Yes	"Accepted" or "Rejected"
`statusInfo`	StatusInfoType	No	Additional status info

Status values: Accepted (certificate was installed on the CS), Rejected (certificate was rejected, e.g., verification failed, chain invalid).

Requirements (CSMS Perspective):

ID	Requirement
`A02.FR.01`	The CSMS SHALL be able to trigger a certificate update by sending TriggerMessageRequest with requestedMessage = SignChargingStationCertificate.
`A02.FR.02`	For V2G certificates: trigger with requestedMessage = SignV2GCertificate. The CSMS may need to query ISO15118Ctrlr SeccId via GetReportRequest first.
`A02.FR.03`	Upon receiving SignCertificateRequest, the CSMS SHALL respond with Accepted if it can process the CSR.
`A02.FR.04`	The CSMS SHALL forward the CSR to the Certificate Authority.
`A02.FR.05`	After receiving the signed certificate from the CA, the CSMS SHALL send CertificateSignedRequest to the CS.
`A02.FR.06`	The certificate chain in CertificateSignedRequest SHALL start with the leaf certificate, followed by sub-CA certificates in chain order.
`A02.FR.07`	If the CA cannot be reached or rejects the CSR, the CSMS SHALL notify the operator. The operator can re-run A02 when resolved.
`A02.FR.08`	The standard configuration variable OrganizationName MUST be set. For SignV2GCertificate, the variable ISO15118Ctrlr.SeccId must also be set.

A03

Update Charging Station Certificate Initiated by the Charging Station

The Charging Station initiates its own certificate renewal (e.g., before expiry).

This flow is identical to A02 except the Charging Station initiates it by sending SignCertificateRequest without being triggered first. The CSMS handles it exactly the same way: accept the CSR, forward to CA, send back CertificateSignedRequest.

CSMS handling for A03:

Receive SignCertificateRequest from the CS (not triggered by the CSMS).
Respond with SignCertificateResponse (Accepted if the CSMS can process the CSR).
Forward the CSR to the Certificate Authority (CA).
After receiving the signed certificate, send CertificateSignedRequest to the CS.
Handle the CertificateSignedResponse (Accepted or Rejected).

6. Shared Data Types Reference

Reference

6.1 StatusInfoType

Used in many responses to provide additional information about the status.

StatusInfoType Schema

{
  "reasonCode": "string (max 20, required, case-insensitive)",
  "additionalInfo": "string (max 512, optional)"
}

Field	Type	Required	Max Length	Description
`reasonCode`	string	Yes	20	Predefined code for the reason (case-insensitive)
`additionalInfo`	string	No	512	Additional human-readable information

6.2 CertificateHashDataType

Used to uniquely identify a certificate by its hash values. Appears in M03, M04, and M06 messages.

Field	Type	Required	Max Length	Description
`hashAlgorithm`	HashAlgorithmEnumType	Yes	-	SHA256, SHA384, or SHA512
`issuerNameHash`	string	Yes	128	Hash of the Issuer Distinguished Name
`issuerKeyHash`	string	Yes	128	Hash of the issuer's public key
`serialNumber`	string	Yes	40	Serial number of the certificate

6.3 OCSPRequestDataType

Extends CertificateHashDataType with an OCSP responder URL. Used in M06 (GetCertificateStatusRequest).

Field	Type	Required	Max Length	Description
`hashAlgorithm`	HashAlgorithmEnumType	Yes	-	Hash algorithm used
`issuerNameHash`	string	Yes	128	Hash of the Issuer DN
`issuerKeyHash`	string	Yes	128	Hash of the issuer's public key
`serialNumber`	string	Yes	40	Serial number
`responderURL`	string	Yes	512	OCSP responder URL (case insensitive)

6.4 CustomDataType

All messages support an optional customData field for vendor extensions.

CustomDataType Schema

{
  "vendorId": "string (max 255, required)"
}

Quick Reference: CSMS Message Handler Summary

Incoming Messages (CS to CSMS):

Incoming Message	Action	Response
`Get15118EVCertificateRequest`	Proxy EXI to CPS/MO backend, return response	`Get15118EVCertificateResponse`
`GetCertificateStatusRequest`	Query OCSP responder, return result	`GetCertificateStatusResponse`
`SignCertificateRequest`	Accept CSR, forward to CA, later send CertificateSignedRequest	`SignCertificateResponse`

Outgoing Messages (CSMS to CS):

Outgoing Message	Purpose	Expected Response
`GetInstalledCertificateIdsRequest`	Query installed certificates	`GetInstalledCertificateIdsResponse`
`DeleteCertificateRequest`	Delete a specific certificate	`DeleteCertificateResponse`
`InstallCertificateRequest`	Install a root/CA certificate	`InstallCertificateResponse`
`CertificateSignedRequest`	Deliver signed certificate to CS	`CertificateSignedResponse`
`TriggerMessageRequest`	Trigger CS to start certificate renewal	`TriggerMessageResponse`