The OEM registration and certificate issuance process involves the following high-level steps:
 

OEM Registration

1. New Request: OEMs submit a new onboarding request to the PKI for a specific DNSP via the SwitchDin support portal.

2. DNSP Approval: A support ticket is opened for DNSP approval, and the authorisation is tracked on the Production PKI Certified List of OEMs per DNSP.

3. Portal Access: SwitchDin authorises OEM users to access the PKI Document Repository.

4. OEM Portal Registration: OEM authorised users register to the support portal and the document repository.

Note: During initial onboarding or unforeseen circumstances, this process may vary, but DNSP approval is always ensured before servicing OEM requests.
 

Certificate Request and Issuance (Test and Production)

1. ID Check Process (for Production Certificates only):
◦ SwitchDin sends an Organisation Verification Request Form to the nominated Authoriser.
◦ The Authoriser completes forms and attaches required evidence, adhering to Gatekeeper PKI Standard guidelines.
◦ SwitchDin verifies the documentation. (ID checks are not re-performed if completed for another DNSP within the last year, provided the Authoriser and Certificate Manager are the same).

2. Certificate Signing Request (CSR) Preparation: The OEM initiates the certificate request using relevant forms (Aggregator or Direct Connect OEM Process).

3. Certificate Issuance: SwitchDin returns the signed certificate to the OEM via the support ticket.

4. Certificate Register Update: SwitchDin updates the relevant Certificate Tracker for DNSP visibility.

5. Certificate Validation/Installation: The OEM is responsible for testing the certificate and connectivity to close the support ticket.

Note: Issues with CSRs require updates before issuance. Post-issuance issues result in a new certificate, with the old one revoked; the OEM is responsible for securely deleting the private key/certificate.