Participant Technical Reference Manual - IESO
Participant Technical Reference Manual - IESO
Participant Technical Reference Manual - IESO
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
<strong>Participant</strong> <strong>Technical</strong> <strong>Reference</strong> <strong>Manual</strong><br />
2. <strong>Participant</strong> Workstation, Network & Security<br />
must have these ports open for communication with the <strong>IESO</strong> and its CA. Port 829 for<br />
the appropriate CA Manager is extremely critical for certificate updates as secure PKI<br />
communications for certificate management is processed via this port. The “<strong>IESO</strong><br />
Developer's Toolkit (IDK), Implementation <strong>Manual</strong>” should also be referenced for<br />
information on defining communications with the CA Manager.<br />
156 The <strong>IESO</strong> shall choose to control the mode that the API utilizes a certificate, as of<br />
September 2004 for enabling web access continuity. If and when the need arises due to<br />
service outages at the Certificate Authority, the <strong>IESO</strong> is able to set certificate use to<br />
offline mode. The probability of this occurring is likely to be minimal and of short<br />
duration. The <strong>IESO</strong> shall maintain total control over the mode of operation, online or<br />
offline. Under such circumstance the Market <strong>Participant</strong> users will still be able to login<br />
to the Market systems with the API and conduct business. In general this is centrally<br />
controlled by the <strong>IESO</strong> so that no configuration changes are required on the part of<br />
Market <strong>Participant</strong>s for the mode of API operation and it shall be transparent. Under<br />
such circumstances the <strong>IESO</strong> issued certificates do not undergo CRL checks during<br />
login but will go through all other backend security checks as they do now. This does<br />
not impact the technical requirements for normal communications to the CA systems.<br />
157 „Application‟ (i.e. used by a computer application) certificates contained in the EPF<br />
file, when used only for login with the programmatic MIM API, can be updated<br />
automatically by the API. This will only occur if the appropriate CA Manager IP<br />
address and port is specified by the market participant as described in the “<strong>IESO</strong><br />
Developer's Toolkit (IDK), Implementation <strong>Manual</strong>”. The custodian of the certificates<br />
must manually update the certificates using the CLS, if the CA Manager IP address<br />
information is not specified. The management of such is up to the market participant.<br />
Issue 21.1 – March 15, 2010 - estimated Public 47