Operator interface

This page explains how to configure profiles (permissions) and stations in a C-ITS Enrolment Authority through the Operator interface. From the welcome page, you can:

  • Create or modify Profiles (i.e. set of parameters including permissions)
  • Add or modify ITS Stations individually
  • Add or modify multiple stations in Batch mode

This interface also provides links to other tools such as:

  • Modification of the language of the interface (available languages: English & French)
  • User Options (top right drill-down menu - c.f. User options help page)

The Operator interface can also be used through a Web Service (c.f. Operator Web Service help page).

 

Profiles

Profiles contain the information related to the certificates - EC & AT - that can be delivered by the C-ITS PKI.

From the Profiles page, you can:

  • Visualize the list of available profiles with their configuration. Profiles can be:
    • edited by clicking on the green pen
    • deleted by clicking on the red cross
    • cloned by clicking on the blue copy/paste icon
  • Search for an existing profile (% to be used for wildcard search) to modify or delete it.
  • Create a new profile (+ Add new).

A profile can not be modified nor deleted if there is still one (or several) station(s) registered with this profile.

 

Create Profile

To create a new profile, the following information shall be provided.

Be careful to make sure that the permissions you define in a profile are consistent with the permissions of the AA that will be used.

 

Field name Description
Name Specific name describing a group of ITS stations (e.g. Emergency, Road side units, Civilian).
EC validity period This value is the maximum limit for the validity period of EC certificates. Units can be Seconds, Minutes, Hours, Days, Years.
AT validity period This value is the maximum duration for the validity period of AT certificates. Units can be Seconds, Minutes, Hours, Days, Years.
AT preloading period This value is the validity period duration in which AT certificates can be requested from the date of request. Units can be Seconds, Minutes, Hours, Days, Years.
Assurance level To be left at values 0-0. Pending EU harmonization.
Validity privacy policy Encryption of EC signature in AT requests. Possible values are: Optional encryption, without encryption, with encryption.
Group Name of the group that will use the profile.
Permissions Permissions have the following format: PSID (dec) + SSP (hexa).

 

IMPORTANT
For each PSID (e.g. CAM, DENM), the list of SSPs shall be defined in exact concordance with the permissions that will be requested by stations. In this matter, several entries could be configured for one PSID.
For example, a profile has been defined with 2 sets of permissions for DENM (37):

  • 37:015F1820
  • 37:01FFFFFF

The PKI will deny a request asking for 37:017F7631, because it does not exactly match either 37:015F1820 nor 37:01FFFFFF.

 

ITS Stations

From the ITS Stations page, you can:

  • Visualize the list of registered C-ITS stations with their configuration. Detailed information can be displayed by clicking on the blue eye. Stations can be edited by clicking on the green pen and deleted by clicking on the red cross.
  • Search for an existing station (% to be used for wildcard search) to view, modify or delete it
  • Register a new station (+ Add new)

The hexadecimal value of a station's canonical name is displayed when passing the mouse over its name.

 

Create ITS station

To create a new station, the following information is required:

Field name Description
Canonical name ITS-S name can be structured in prefix in ASCII (e.g. Provider) and serial ID in hexadecimal. At least 1 field is mandatory.
Technical public key The technical public key shall be generated over the standardized cryptographic domain parameters (under RFC 5480 SubjectPublicKeyInfo format). Keys can be converted to this format using the Key converter (c.f. Tools help page).
Profile Profile applied to the station.
Status This operator interface provides four types of status: Registered / Activated / Suspended / Deactivated. ATs can be requested by activated stations only.
Tags (optional) Tags can be used to associate other metadata to the station.

On production platforms, deactivated stations cannot be reactivated.

 

Batch

The Batch page provides 3 features: Register, Update and Delete, allowing the management of multiple ITS Stations using CSV format files.

  1. To register multiple stations, use a CSV file without header structured as shown in the following example:

    Canonical Name ASCII part, Canonical Name HEX part, Technical key

    NAME, 75036A481E615EA1, 3059301306072A8648CE3...60027A1CCF168248
    NAME, CAB8D521DE2967A1, 3059301306072A8648CE3...6706FDEAFDB5F2C2
    NAME, 8D6924ACD8B6CDCC, 3059301306072A8648CE3...1FBCC3B55AEB3812
    NAME, 5176E5DD8A3896EA, 3059301306072A8648CE3...7A160413C56EB9EF
    NAME, 7E0324E9D434E190, 3059301306072A8648CE3...D0388879A6FFE042

    Choose the profile and status to be applied.

  2. To update multiple stations (profile and/or status), use a CSV file without header structured as shown in the following example:

    Canonical Name ASCII part, Canonical Name HEX part

    NAME, 75036A481E615EA1
    NAME, CAB8D521DE2967A1
    NAME, 8D6924ACD8B6CDCC
    NAME, 5176E5DD8A3896EA
    NAME, 7E0324E9D434E190

    Choose the profile and status to be applied.

  3. To delete multiple registered stations, use a CSV file without header structured as shown in the following example:

    Canonical Name ASCII part, Canonical Name HEX part

    NAME, 75036A481E615EA1
    NAME, CAB8D521DE2967A1
    NAME, 8D6924ACD8B6CDCC
    NAME, 5176E5DD8A3896EA
    NAME, 7E0324E9D434E190