Getting Started

This guide provides instructions on how to deploy the certificates required for using Secure ICCP with Oracle Utilities Live Energy Connect. For more information about Secure ICCP and Secure ICCP best practices, see the Department of Energy report for Secure ICCP Integration Considerations and Recommendations.

See Configuring Live Energy Connect for Secure ICCP for more information about configuring Live Energy Connect for Secure ICCP.

Requirements

The following requirements apply to this deployment procedure.

  • Access to a Live Energy Connect installation.
  • X.509 certificates are required for using Secure ICCP. You should coordinate with your organization's IT security resources to obtain certificates.
  • Obtain a private certificate for the local Live Energy Connect server in PEM format. This must be a private certificate with the RSA key embedded and the RSA password removed.
  • Live Energy Connect installed. Refer to the Oracle Utilities Live Energy Connect Installation Guide for instructions on downloading and installing the software.

Note: When installing releases older than 7.1.0.0.0, make sure the Secure ICCP feature is selected in the installer, which will install the Stunnel.

Required Certificates

For a given Oracle Utilities Live Energy Connect server configuration that uses Secure ICCP, the following certificates are required.

SSL/TSL Certificates ACSE Certificates
  • For each remote Secure ICCP peer, a public SSL/TSL X.509 certificate and a copy of the CA certificate or chain that was used to sign this public certificate are required.
  • For each local VCC configured to use Secure ICCP, a private and public ACSE X.509 certificate are required.
  • For each remote Secure ICCP peer VCC, a public ACSE X.509 certificate and a copy of the CA certificate or chain used to sign this public certificate are required.

Note: You can generate your own self-signed X.509 certificates for testing using a tool like openSSL.