Configuration is defined in TOML.
- General settings
- Service settings
- Transport
- Storage
- Contract certificate validator
- Contract certificate provider
- Charge station certificate provider
- Tariff service
- Root certificate provider
- Http auth service
- Example configuration
| Section | Key | Type | Description |
|---|---|---|---|
| api | addr | string | Address that API server will listen on, e.g. localhost:9410 |
| api | external_addr | string | The Externally visible URL that the server is available on |
| api | org_name | string | The organization name to use when issuing client certificates |
| ocpp | heartbeat_interval | string | Frequency to request charge station heartbeat messages at, e.g. "5m" |
| ocpp | ocpp16_enabled | bool | Is OCPP 1.6 support enabled, e.g. "true"? |
| ocpp | ocpp201_enabled | bool | Is OCPP 2.0.1 support enabled, e.g. "true"? |
| observability | log_format | string | Either "json" or "text" |
| observability | otel_collector_addr | string | Address of the OpenTelemetry collector, e.g. "localhost:4317" |
| observability | tls_keylog_file | string | File where TLS session keys will be written for use with Wireshark |
This section consists of a type parameter and a set of parameters specific to that type prefixed by the type name.
e.g.
[transport]
type = "mqtt"
mqtt.urls = ["mqtt://mqtt-server.example.com:1883"]Configures the MQTT transport.
| Section | Key | Type | Description |
|---|---|---|---|
| mqtt | urls | array of strings | List of MQTT broker URLs, e.g. [mqtt://localhost:1883] |
| mqtt | prefix | string | MQTT topic prefix, e.g. "cs" |
| mqtt | group | string | MQTT subscriber group name, e.g. "manager" |
| mqtt | connect_timeout | string | MQTT connection timeout, e.g. "10s" |
| mqtt | connect_retry_delay | string | MQTT connection retry delay, e.g. "1s" |
| mqtt | keep_alive_interval | string | MQTT keep alive interval, e.g. "10s" |
The following types of service can be configured, each service has its own section:
storage- configures the backing store will be usedcontract_cert_validator- configures how contract certificates will be validatedcontract_cert_provider- configures how contract certificates are providedcharge_station_cert_provider- configures how charge station certificates are providedtariff_service- configures how tariffs are calculated
Each section consists of a type parameter and a set of parameters specific to that type prefixed by the type name.
e.g.
[storage]
type = "firestore"
firestore.project_id = "my-google-project"There are two storage implementations:
| Key | Type | Description |
|---|---|---|
| project_id | string | Google Cloud project ID |
There is no additional configuration for in-memory storage.
There is just one contract certificate validator implementation:
ocsp- checks the certificate chain and validates the OCSP status of each provided certificate
| Key | Type | Description |
|---|---|---|
| root_certs | RootCertProvider | Configures how to retrieve the trusted root certificates |
| max_attempts | int | Maximum number of attempts to check the OCSP status of a certificate |
There are two contract certificate provider implementations:
opcp- contract certificates are retrieved from a contract certificate pool using the Open Plug&Charge Protocol (OPCP)default- returns an error for all requests
| Key | Type | Description |
|---|---|---|
| url | string | Base URL for OPCP service that provides the contract certificate pool |
| auth | HttpAuthService | Configures how to authenticate with the OPCP service |
There is no additional configuration for the default contract certificate provider.
There are four charge station certificate provider implementations:
opcp- charge station certificates are issued using the EST service from the Open Plug&Charge Protocol (OPCP)local- charge station certificates are issued using a CA implemented by the CSMSdelegating- supports different charge station certificate providers for issuing V2G and CSO certificatesdefault- returns an error for all requests
| Key | Type | Description |
|---|---|---|
| url | string | Base URL for OPCP service that provides the EST service |
| auth | HttpAuthService | Configures how to authenticate with the OPCP service |
| Key | Type | Description |
|---|---|---|
| cert | LocalSource | The source that provides the signing certificate, must be a PEM encoded certificate |
| key | LocalSource | The source that provides the signing key, must be a PEM encoded private key |
| Key | Type | Description |
|---|---|---|
| v2g | ChargeStationCertificateProvider | The charge station certificate provider for V2G certificates |
| cso | ChargeStationCertificateProvider | The charge station certificate provider for CSO certificates |
There is no additional configuration for the default charge station certificate provider.
There is a single tariff service implementation:
kwh- calculates the tariff based on the energy consumed
There is no additional configuration for the kWh tariff service.
There are several implementations of RootCertProvider:
opcp- root certificates are retrieved from a root certificate pool using the Open Plug&Charge Protocol (OPCP)file- root certificates are retrieved from a file
| Key | Type | Description |
|---|---|---|
| url | string | Base URL for OPCP service that provides the root certificate pool |
| ttl | string | Time before cached values are discarded, e.g. "1h" |
| auth | HttpAuthService | Configures how to authenticate with the OPCP service |
| Key | Type | Description |
|---|---|---|
| files | array of strings | List of files containing root certificates |
There are several implementation of HttpAuthService:
env_token- token is read from an environment variablefixed_token- token is read from the configurationoauth2_token- token is retrieved using OAuth2 client credentials granthubject_test_token- token is scraped from the Hubject test environment authorization page
| Key | Type | Description |
|---|---|---|
| variable | string | Name of the environment variable |
| Key | Type | Description |
|---|---|---|
| token | string | The token value |
| Key | Type | Description |
|---|---|---|
| url | string | The URL of the OAuth2 Authorization Server token endpoint |
| client_id | string | The client id to use in the client credentials grant |
| client_secret | string | The client secret to use in the client credentials grant |
| client_secret_env_var | string | The environment variable to read the client secret from to use in the client credentials grant |
| Key | Type | Description |
|---|---|---|
| url | string | URL of the Hubject test environment authorization page |
| ttl | string | The duration for which the token is valid, e.g. "1h" |
There are two different local source implementations:
file- data is read from a filegoogle_cloud_secret- data is read from a google cloud secret
The value is a file to be read from the operating system.
The value is the name of a secret to be read from google cloud secrets. The name must be of the form:
projects/<project-number>/secrets/<secret-name>/[latest|<version>]
[api]
addr = ":9410"
[mqtt]
urls = ["mqtt://mqtt:1883"]
[observability]
otel_collector_addr = "otel-collector:4317"
[storage]
type = "firestore"
firestore.project_id = "*detect-project-id*"
[contract_cert_validator]
type = "ocsp"
[contract_cert_validator.ocsp.root_certs]
type = "opcp"
opcp.url = "https://open.plugncharge-test.hubject.com/mo/cacerts/ISO15118-2"
opcp.auth.type = "env_token"
opcp.auth.env_token.variable = "HUBJECT_TOKEN"
[contract_cert_provider]
type = "opcp"
opcp.url = "https://open.plugncharge-test.hubject.com"
opcp.auth.type = "env_token"
opcp.auth.env_token.variable = "HUBJECT_TOKEN"
[charge_station_cert_provider]
type = "opcp"
opcp.url = "https://open.plugncharge-test.hubject.com"
opcp.auth.type = "env_token"
opcp.auth.env_token.variable = "HUBJECT_TOKEN"