24
ActiveShuttle
VehicleManagement
FleetManagement
Root certificate
Diffie Hellmann key
4 Certificate file names
Server certificate
Signature algorithm
The signature algorithm must be SHA256 with RSA encryption.
All certificates must be client and server certificates:
Netscape Cert Type: SSL Client, SSL Server [...] X509v3 Extended Key Usage: TLS Web
Server Authentication, TLS Web Client Authentication
•
For internal use each customer can install and operate a public key infrastructure (PKI) on their own
volition.
•
For internal use (Bosch Intranet) the Robert Bosch Trustcenter provides the necessary certificates for
the Bosch Group.
•
The Robert Bosch Trustcenter does not provide certificates for external use (Public Internet) or
customer.
Notice!
There are several guides publicly available on how to install and operate a PKI. Another solution is
to contract a public certificate authority to create and maintain the certificates.
Key length
The key length of the keys and Diffie Hellman keys must be 2048 bit.
◊ Example certificate, see Appendix
Manual exchange of certificates
RA91390962 AB-V1.3.3, en
Certificate Name
"as.crt"
"vms.crt"
"fms.crt".
"ca.crt"
It must include all necessary root and
intermediate certificates
Example communication
ILS, ActiveShuttle | Requirements
Name of key file
"as.key"
"vms.key"
"fms.key"
"dh2048.pem"
certificate.