Used to authenticate users and devices, Public Key Infrastructure (PKI) is a technology commonly used in the digital world to add more security and prevent unauthorized users from accessing disclosed data. The basic idea is to have one or more trusted parties digitally sign documents certifying that a particular cryptographic key belongs to a specific user or device and is safe to use. These documents are known as certificates.
PJM implemented PKI certificate-based authentication to browser-less transfers of MSRS as optional in the production environment on Sept 28 at 4 p.m. EPT. The mandatory cut-over date will be in the spring of 2022.
Users participating in PKI-based authentication can use Account Manager to request access to a role called “Certificate-Based Authentication Opt-In.” Afterward, approval of the request by the member’s CAM will be given. Once the user’s access is approved, the user will need to provide a certificate to access browser-less transfers of Capacity Exchange, DR Hub, FTR Center, InSchedule, Market Gateway, Power Meter & MSRS.
To set up PKI based authentication:
· User needs to purchase a certificate from one of the approved certificate authorities.
· Link certificate from account manager and follow up with company CAM for approval.
· Update any browser-less custom code to pass PKI certificate for authentication.
· Use latest PJM-CLI version 1.5.0
For any reason users want to opt-out, they can work with their CAM to terminate access to the “Certificate-Based Authentication Opt-In” role.