You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

Two cases are possible:

  • Your certificate is still valid: go to Case 1
  • Your certificate is already expired: go to Case 2

CASE 1:  Your DomiSMP certificate is still valid

The following procedure is to be followed while the certificate that is already registered in the DomiSML is still valid. The DomiSMP must call the Webservice operation PrepareChangeCertificate in BDMSLServiceInterface to change the certificates in SML on a predefined future date. The operation PrepareChangeCertificate expects a new trusted certificate.

Pre-requisites:

  • The current certificate of the user is valid,
  • The new certificate must be compliant with user permission rules for DomiSMP in DomiSML,
  • The user has the new certificate for the DomiSMP(s).

Description:

This operation allows a DomiSMP to prepare a change of its certificate. It is typically called when a DomiSMP has a certificate that is about to expire and already has the new one. This operation must be called while the certificate that is already registered in the DomiSMP is still valid.

If the migrationDate is not empty, then the new certificate MUST be valid at the date provided in the migrationDate element.

If the migrationDate element is empty, then the "Valid From" date is extracted from the certificate and is used as the migrationDate. In this case, the "Not Before" date of the certificate must be in the future.

Error management:

  • Fault: unauthorizedFault - returned if the caller is not authorized to invoke the PrepareChangeCertificate operation
  • Fault: badRequestFault - returned in one of thoses cases:
    • The supplied request does not contain consistent data,
    • The new certificate is not valid at the date provided in the migrationDate element,
    • The migrationDate is not in the future,
    • The migrationDate is not provided and the "Not Before" date of the new certificate is not in the future,
    • The migrationDate is not provided and the "Valid From" is in the past.
  • Fault: internalErrorFault - returned if the BDMSLservice is unable to process the request for any reason.

CASE 2: Your DomiSMP certificate is already expired

The following procedure must be followed to update the existing DomiSML registrations currently linked to the Old certificate when the Certificate of DomiSMP is already expired:

  1. In DomiSML Database, the existing registrations are linked to the old certificate and these registrations need to be updated when changing certificate in order to support updates or removal of old SML entries with the new certificate.
  2. You need to send the details for the new certificate to eDelivery SUPPORT EC-EDELIVERY-SUPPORT@ec.europa.eu and request the update for a specific time.

The information you need to provide is: your new certificate file(.cer), the serial number, the DomiSMP ID and the environment (Production or Acceptance).

Example: 

  • New Certificate file Zipped and attached to the mail
  • SMP ID:Test_SMP_ID
  • Serial Number: 0BF1 1660 4702 F47B F02E 0491 ED54 3C9B
  • Environment: Acceptance


  • No labels