Page Comparison

A website with this SSL misconfiguration might work fine in the browser, but it won't work for clients that do not support AIA Fetching, e.g. in Python. The error can be reproduced with `curl`, it will return error: "curl: (60) SSL certificate problem: unable to get local issuer certificate". The website can be also tested on https://www.ssllabs.com/ssltest/index.html .

Test your website, configure properly your webserver

Monitoring system

11 HEIs (6 providers) in PROD, 9 HEIs (7 providers) in DEV

Expired SSL certificate

The certificate needs to be renewed

Monitoring system

At least 3 HEIs (2 providers) in PROD, 39 HEIs (9 providers) in DEV

According to specification “Once you receive a change notification, you respond with HTTP 200, and add the received identifiers to a queue. Later on, in the background, you will attempt to update your locally stored information on the received entities (e.g. by calling the get endpoints of the APIs which describe this entity).

You SHOULD NOT try to refresh your data before sending your CNR API response. Refreshing the data (e.g. calling the get endpoint) is a separate operation, and the result of this operation MUST NOT influence the HTTP response of your CNR API”

A number of partner send some error codes instead.

Enforceabsolutecompliance with the specification

Email correspondence with providers, testing sessions, GitHub

This error was encountered in a number of mobility systems