The CPS provides interfaces for generating and signing contract data of MOs. MOs can provide contract data to sign in CPS or send contract information to generate contract data in the Hubject Mobility Operator CA. The signed contract data are either returned to the MO or stored in the CCP.
The Certificate Provisioning Service offers a REST API to send Contract Data in order to let it sign.
The API consumer can choose from two methods, one of them is used by MOs that use their own PKI:
- one forwarding the Signed Contract Data directly into the Contract Certificate Pool (CreateAndForward- SignedContractData):
The second method is used by MOs using Hubject Certificate Authority where the contract data will be created, signed, and stored on CPP (GenerateSignedContractData). In this case, the consumer has also the possibility to revoke a contract certificate.
CPS Interface Description
The interfaces of the Certificate Provisioning Service (CPS) are used to request the provisioning of Contract Data. The Contract Certificate Pool (CCP) only accepts Contract Data signed by the CPS. Optionally the data can be forwarded to the CCP directly by the CPS.
This service provides the following interfaces:
The CPS communicates with the following actors and services.
- The Mobility Operator calls the CPS API activity to send contract data
- The Contract Certificate Pool receives Signed Contract Data forwarded by the CPS
- OCSP Responders of the Contract Certificates
- Root Certificate Pool.