Common Components System

Security

Common information exchange and a comprehensive CRD are key to rail interoperability and therefore a harmonised railway sector in Europe. This is made possible by a decentralised peer-to-peer network with a common interface that can be used by all industry stakeholders. To ensure high security standards along with message-based encryption and signing within this network, RNE acts as a central Certification Authority (CA):

  • All actors require a certificate for secure communication between CIs
  • Certificates are established and controlled by RNE
  • Establishing secure SSL/TLS communication between two peers using CI or CI and CRD
  • Message encryption
  • Message signing
  • All certificates are issued by RNE only
  • Only certificates from the RNE Certificate Authority (with the same root) will trust each other.

As a Certificate Authority, RNE provides certificate services within the RNE PKI (Public Key Infrastructure) and will:

  • Issue and publish certificates in a timely manner in accordance with the issuance periods set out by RNE (the expiry time of the certificates has been set to two years)
  • Revoke certificates, upon receipt of a valid request from a person authorised to request revocation
  • Publish and update CRLs (Certificate Revocation Lists)
  • Distribute issued certificates in accordance with the procedures specified by RNE.

How to get a certificate from RNE:

Certificates are issued by RNE certificate authority only to licensed users. To obtain CCS license please contact CCS Service Desk.