Common information exchange and a comprehensive CRD are key to rail interoperability and therefore a harmonised railway sector in Europe. This is made possible by a decentralised peer-to-peer network with a common interface that can be used by all industry stakeholders. To ensure high security standards along with message-based encryption and signing within this network, RNE acts as a central Certification Authority (CA):

• All actors require a certificate for secure communication between CIs
• Certificates are established and controlled by RNE
• Establishing secure SSL/TLS communication between two peers using CI or CI and CRD
• Message encryption
• Message signing
• All certificates are issued by RNE only
• Only certificates from the RNE Certificate Authority (with the same root) will trust each other.

As a Certificate Authority, RNE provides certificate services within the RNE PKI (Public Key Infrastructure) and will:

• Issue and publish certificates in a timely manner in accordance with the issuance periods set out by RNE (the expiry time of the certificates has been set to two years)
• Revoke certificates, upon receipt of a valid request from a person authorised to request revocation
• Publish and update CRLs (Certificate Revocation Lists)
• Distribute issued certificates in accordance with the procedures specified by RNE.

How to get a certificate from RNE:

Certificates are issued by RNE certificate authority only to licensed users. To obtain CCS license please contact CCS Service Desk.