Common information exchange and a comprehensive CRD are key to rail interoperability and therefore a harmonised railway sector in Europe. This is made possible by a decentralised peer-to-peer network with a common interface that can be used by all industry stakeholders. To ensure high security standards along with message-based encryption and signing within this network, RNE acts as a central Certification Authority (CA):
- All actors require a certificate for secure communication between CIs
- Certificates are established and controlled by RNE
- Establishing secure SSL/TLS communication between two peers using CI or CI and CRD
- Message encryption
- Message signing
- All certificates are issued by RNE only
- Only certificates from the RNE Certificate Authority (with the same root) will trust each other.
As a Certificate Authority, RNE provides certificate services within the RNE PKI (Public Key Infrastructure) and will:
- Issue and publish certificates in a timely manner in accordance with the issuance periods set out by RNE (the expiry time of the certificates has been set to two years)
- Revoke certificates, upon receipt of a valid request from a person authorised to request revocation
- Publish and update CRLs (Certificate Revocation Lists)
- Distribute issued certificates in accordance with the procedures specified by RNE.
How to get a certificate from RNE:
Certificates are issued by RNE certificate authority only to licensed users. To obtain CCS license please contact CCS Service Desk.