CertificateSigned

CertificateManagement CSMS->CS OCPP 2.0.1

Sent by the CSMS to deliver a signed certificate to the Charging Station in response to a SignCertificate request.

Quick Reference

Required Fields

certificateChain string(10000)

PEM-encoded signed certificate, optionally including the full certificate chain

certificateType CertificateSigningUseEnumType

Type of certificate: ChargingStationCertificate or V2GCertificate

Example Payload

{
  "certificateChain": "-----BEGIN CERTIFICATE-----\nMIICpDCCAYwCCQD...\n-----END CERTIFICATE-----",
  "certificateType": "ChargingStationCertificate"
}

Example Full Frame

[
  2,
  "msg-001",
  "CertificateSigned",
  {
    "certificateChain": "-----BEGIN CERTIFICATE-----\nMIICpDCCAYwCCQD...\n-----END CERTIFICATE-----",
    "certificateType": "ChargingStationCertificate"
  }
]

Format: [MessageType, MessageId, Action, Payload]

Open in Builder Go to Validator

Overview

CertificateSigned delivers the signed certificate chain to the Charging Station after it sent a SignCertificate request. The Charging Station installs the certificate and uses it for its TLS or V2G connections.

Expected Response

status: Accepted or Rejected

Rejected means the certificate failed validation (wrong type, expired, or wrong CN).

Usage Notes

Include the full certificate chain (leaf + intermediates) for reliable TLS validation
After Accepted, the Charging Station may need to reconnect using the new certificate

Testing Tips

Send a valid signed certificate and verify the Charging Station reconnects with the new cert
Send an expired certificate and verify Rejected response

Common Errors

`PropertyConstraintViolation`

Cause: certificateChain exceeds 10000 characters

Solution: The full certificate chain including intermediates must be under 10000 characters

`GenericError`

Cause: Certificate type does not match the pending CSR

Solution: Ensure the certificateType matches the type requested in SignCertificate