{"id":38532,"date":"2026-01-12T15:13:14","date_gmt":"2026-01-12T07:13:14","guid":{"rendered":"https:\/\/www.evb.com\/?p=38532"},"modified":"2026-01-16T20:39:19","modified_gmt":"2026-01-16T12:39:19","slug":"iso-15118-certificate-lifecycle-management-in-2026-from-tls-urgency-to-cra-compliance","status":"publish","type":"post","link":"https:\/\/www.evb.com\/hu\/iso-15118-certificate-lifecycle-management-in-2026-from-tls-urgency-to-cra-compliance\/","title":{"rendered":"ISO 15118 tan\u00fas\u00edtv\u00e1ny \u00e9letciklus-kezel\u00e9se 2026-ban: a TLS s\u00fcrg\u0151ss\u00e9g\u00e9t\u0151l a CRA-megfelel\u0151s\u00e9gig"},"content":{"rendered":"<article>\n<div class=\"mceTemp\"><\/div>\n<figure id=\"attachment_36118\" aria-describedby=\"caption-attachment-36118\" style=\"width: 635px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-36118\" title=\"EVB t\u00f6lt\u0151 \u00e9s energiat\u00e1rol\u00f3 term\u00e9kcsal\u00e1d \u00e1ttekint\u00e9se\" src=\"https:\/\/www.evb.com\/wp-content\/uploads\/2025\/11\/20251119-212027.jpeg\" alt=\"EVB portf\u00f3li\u00f3 AC \u00e9s DC elektromos aut\u00f3t\u00f6lt\u0151kb\u0151l \u00e9s kereskedelmi energiat\u00e1rol\u00f3 rendszerekb\u0151l\" width=\"635\" height=\"397\" srcset=\"https:\/\/www.evb.com\/wp-content\/uploads\/2025\/11\/20251119-212027.jpeg 2560w, https:\/\/www.evb.com\/wp-content\/uploads\/2025\/11\/20251119-212027-1536x960.jpeg 1536w, https:\/\/www.evb.com\/wp-content\/uploads\/2025\/11\/20251119-212027-2048x1280.jpeg 2048w, https:\/\/www.evb.com\/wp-content\/uploads\/2025\/11\/20251119-212027-18x12.jpeg 18w, https:\/\/www.evb.com\/wp-content\/uploads\/2025\/11\/20251119-212027-600x375.jpeg 600w, https:\/\/www.evb.com\/wp-content\/uploads\/2025\/11\/20251119-212027-768x480.jpeg 768w\" sizes=\"auto, (max-width: 635px) 100vw, 635px\" \/><figcaption id=\"caption-attachment-36118\" class=\"wp-caption-text\"><a href=\"https:\/\/www.evb.com\/hu\/\">Az EVB AC \u00e9s DC elektromosj\u00e1rm\u0171-t\u00f6lt\u0151k teljes v\u00e1laszt\u00e9k\u00e1t k\u00edn\u00e1lja.<\/a><\/figcaption><\/figure>\n<h2>TL;DR (Vezet\u0151i int\u00e9zked\u00e9s \u00f6sszefoglal\u00e1sa)<\/h2>\n<ul>\n<li><strong>A TLS \u00e1tv\u00e1lt\u00e1s egy kem\u00e9ny hat\u00e1r (nem javaslat):<\/strong> T\u00f3l <strong>2026. febru\u00e1r 24.<\/strong>A DigiCert fogja <strong>ne fogadj el<\/strong> \u00e9rv\u00e9nyes nyilv\u00e1nos TLS-tan\u00fas\u00edtv\u00e1nyk\u00e9relmek <strong>t\u00f6bb mint 199 nap<\/strong>, \u00e9s az ett\u0151l a d\u00e1tumt\u00f3l kezdve ki\u00e1ll\u00edtott tan\u00fas\u00edtv\u00e1nyok rendelkeznek <strong>199 napos maxim\u00e1lis \u00e9rv\u00e9nyess\u00e9gi id\u0151<\/strong>Ez a gyakorlati \u00e1t\u00e1ll\u00e1si lehet\u0151s\u00e9g sok \u00fczemeltet\u0151 sz\u00e1m\u00e1ra \u2013 a meg\u00fajul\u00e1si sebess\u00e9g azonnal megn\u0151.<\/li>\n<li><strong>A 200\u2192100\u219247 napos \u00fctemterv m\u00e1r meg van hat\u00e1rozva:<\/strong> A CA\/Browser Forum alapk\u00f6vetelm\u00e9nyei fokozatos cs\u00f6kkent\u00e9st hat\u00e1roztak meg: <strong>200 nap 2026. m\u00e1rcius 15-t\u0151l<\/strong>, <strong>100 nap 2027. m\u00e1rcius 15-t\u0151l<\/strong>, \u00e9s <strong>47 nap 2029. m\u00e1rcius 15-t\u0151l<\/strong>.<\/li>\n<li><strong>A CRA megfelel\u0151s\u00e9gi \u00f3r\u00e1t ad hozz\u00e1:<\/strong> A hitelmin\u0151s\u00edt\u0151 int\u00e9zetek jelent\u00e9st\u00e9teli szab\u00e1lyai el\u0151\u00edrj\u00e1k <strong>korai figyelmeztet\u00e9s 24 \u00f3r\u00e1n bel\u00fcl<\/strong>, <strong>teljes k\u00f6r\u0171 \u00e9rtes\u00edt\u00e9s 72 \u00f3r\u00e1n bel\u00fcl<\/strong>, \u00e9s meghat\u00e1rozta a v\u00e9gs\u0151 jelent\u00e9si ablakokat az akt\u00edvan kihaszn\u00e1lt sebezhet\u0151s\u00e9gek \u00e9s s\u00falyos incidensek eset\u00e9ben.<\/li>\n<li><strong>A legnagyobb rejtett kock\u00e1zat nem a lej\u00e1rat:<\/strong> A sziszt\u00e9m\u00e1s hibam\u00f3d a k\u00f6vetkez\u0151: <strong>bizalomhorgony sodr\u00f3d\u00e1s<\/strong>\u2014a roots\/intermediates\/cross-signing v\u00e1ltoz\u00e1sok nincsenek szinkronban az EVSE, a helyi vez\u00e9rl\u0151k \u00e9s a h\u00e1tt\u00e9rbeli \u00e9rv\u00e9nyes\u00edt\u00e9si \u00fatvonalak k\u00f6z\u00f6tt.<\/li>\n<li><strong>Els\u0151 befektet\u00e9s az \u00fczemid\u0151 meg\u0151rz\u00e9se \u00e9rdek\u00e9ben:<\/strong> Rendszervez\u00e9relt automatiz\u00e1l\u00e1s (ACME + k\u00e9szletgazd\u00e1lkod\u00e1s + szakaszos bevezet\u00e9s) plusz <strong>\u00e9lfolytonoss\u00e1g<\/strong> (helyi valid\u00e1ci\u00f3\/gyors\u00edt\u00f3t\u00e1r, bizony\u00edt\u00e9knapl\u00f3k \u00e9s id\u0151szinkroniz\u00e1l\u00e1si ir\u00e1ny\u00edt\u00e1s).<\/li>\n<\/ul>\n<h2>Bevezet\u00e9s: 2026-ban a Plug &amp; Charge m\u0171k\u00f6d\u0151k\u00e9pes rendszerr\u00e9 v\u00e1lt<\/h2>\n<p>2026-ban a Plug &amp; Charge (P&amp;C) m\u00e1r nem csak egy \u201ebe\u00e1ll\u00edtom \u00e9s elfelejtem\u201d funkci\u00f3, hanem egy <strong>folyamatos oper\u00e1ci\u00f3s rendszer<\/strong>.<br \/>\nAz ISO 15118 megb\u00edzhat\u00f3s\u00e1gi s\u00edkot (PKI + TLS + visszavon\u00e1s + friss\u00edt\u00e9sek) mostant\u00f3l olyan id\u0151vonalak szab\u00e1lyozz\u00e1k, amelyek nem toler\u00e1lj\u00e1k a manu\u00e1lis munkafolyamatokat.<\/p>\n<p>A rendszerhat\u00e1rok meg\u00e9rt\u00e9s\u00e9hez \u2013 mi\u00e9rt felel\u0151s az ISO 15118 szabv\u00e1ny az OCPP szabv\u00e1nyhoz k\u00e9pest \u2013 kezdj\u00fck a kapcsol\u00f3d\u00f3 cikk\u00fcnkkel:<br \/>\n<a href=\"https:\/\/www.evb.com\/hu\/iso-15118-ocpp-in-2026-real-world-deployment-pki-and-grid-readiness\/\">ISO 15118 vs. OCPP telep\u00edt\u00e9si val\u00f3s\u00e1g 2026-ban<\/a>.<\/p>\n<p>A k\u00f6zvetlen nyom\u00e1s a <strong>TLS \u00e9letciklus-t\u00f6m\u00f6r\u00edt\u00e9s<\/strong>M\u0171k\u00f6d\u00e9si szempontb\u00f3l nem lehet \u201em\u00e1rciusig v\u00e1rni\u201d.<br \/>\nA DigiCert fogja <strong>ne fogadj el<\/strong> nyilv\u00e1nos TLS-k\u00e9r\u00e9sek, amelyek meghaladj\u00e1k a <strong>199 nap<\/strong> kezd\u0151 <strong>2026. febru\u00e1r 24.<\/strong>,<br \/>\n\u00e9s az ett\u0151l a napt\u00f3l kezdve ki\u00e1ll\u00edtott tan\u00fas\u00edtv\u00e1nyok <strong>199 napos maxim\u00e1lis \u00e9rv\u00e9nyess\u00e9gi id\u0151<\/strong>.<br \/>\nA DigiCert egy kritikus m\u0171k\u00f6d\u00e9si r\u00e9szletet is kiemel: a maxim\u00e1lisan megengedett \u00e9rv\u00e9nyess\u00e9get a <strong>kibocs\u00e1t\u00e1s d\u00e1tuma<\/strong>, nem a rendel\u00e9s lead\u00e1sakor.<\/p>\n<p>Ugyanakkor az EU kiberbiztons\u00e1gi ellen\u00e1ll\u00f3 k\u00e9pess\u00e9gr\u0151l sz\u00f3l\u00f3 t\u00f6rv\u00e9nye (CRA) bevezet egy m\u00e1sodik \u00f3r\u00e1t: a jelent\u00e9st\u00e9teli szab\u00e1lyok el\u0151\u00edrj\u00e1k<br \/>\n<strong>24 \u00f3r\u00e1s korai figyelmeztet\u00e9s<\/strong> \u00e9s <strong>72 \u00f3r\u00e1s \u00e9rtes\u00edt\u00e9s<\/strong> az akt\u00edvan kihaszn\u00e1lt sebezhet\u0151s\u00e9gek \u00e9s a digit\u00e1lis elemeket tartalmaz\u00f3 term\u00e9keket \u00e9rint\u0151 s\u00falyos incidensek eset\u00e9n.<\/p>\n<p>Ez az \u00fatmutat\u00f3 az ISO 15118 tan\u00fas\u00edtv\u00e1nyok ezen korl\u00e1toz\u00e1sok melletti m\u0171k\u00f6dtet\u00e9s\u00e9nek architekt\u00far\u00e1j\u00e1ra \u00e9s kock\u00e1zatkezel\u00e9si mechanizmusaira \u00f6sszpontos\u00edt.<\/p>\n<h2>2024\u20132026 m\u00e9rf\u00f6ldk\u00f6vek \u00e9s sz\u00fcks\u00e9ges int\u00e9zked\u00e9sek (sz\u00f6veges Gantt)<\/h2>\n<table style=\"border-collapse: collapse; width: 100%;\" border=\"1\" cellspacing=\"0\" cellpadding=\"8\">\n<thead>\n<tr>\n<th>Ablak<\/th>\n<th>2024 m\u00e1sodik f\u00e9l\u00e9ve<\/th>\n<th>2025 els\u0151 f\u00e9l\u00e9ve<\/th>\n<th>2025 m\u00e1sodik f\u00e9l\u00e9ve<\/th>\n<th><strong>2026. febru\u00e1r 24.<\/strong><\/th>\n<th><strong>2026. m\u00e1rc. 15.<\/strong><\/th>\n<th><strong>2026. szeptember 11.<\/strong><\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><strong>K\u00fcls\u0151 v\u00e1ltoz\u00e1s<\/strong><\/td>\n<td>CA \u00e1tmeneti jelek<\/td>\n<td>Pil\u00f3taautomatiz\u00e1l\u00e1s<\/td>\n<td>Trust horgonyf\u00far\u00f3k<\/td>\n<td><strong>A DigiCert 199 napos kibocs\u00e1t\u00e1sa megkezd\u0151dik<\/strong><\/td>\n<td><strong>200 napos BR-korl\u00e1toz\u00e1si szakasz kezdete<\/strong><\/td>\n<td>Akt\u00edv hitelmin\u0151s\u00edt\u0151 int\u00e9zetek jelent\u00e9st\u00e9teli k\u00f6telezetts\u00e9gei (az \u00fatmutat\u00f3 szerint)<\/td>\n<\/tr>\n<tr>\n<td><strong>Mit kell tenni<\/strong><\/td>\n<td>Lelt\u00e1r v\u00e9gpontjai<\/td>\n<td>ACME pil\u00f3ta + telemetria<\/td>\n<td>Offline strat\u00e9gia + trust-store bevezet\u00e9s<\/td>\n<td>Manu\u00e1lis meg\u00faj\u00edt\u00e1si \u00fatvonalak befagyaszt\u00e1sa<\/td>\n<td>Teljes rendszervez\u00e9relt meg\u00faj\u00edt\u00e1sok<\/td>\n<td>CRA asztali gyakorlatok + bizony\u00edt\u00e9kok lefolytat\u00e1sa<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><strong>M\u0171k\u00f6d\u00e9si megjegyz\u00e9s:<\/strong> 2026. febru\u00e1r 24. gyakran az igazi \u00e1t\u00e1ll\u00e1si pont, mivel a kibocs\u00e1t\u00e1si viselked\u00e9s ezut\u00e1n megv\u00e1ltozik a f\u0151bb CA-k eset\u00e9ben.<\/p>\n<p><strong>Szab\u00e1lyzati megjegyz\u00e9s:<\/strong> A szakaszos \u00e9lettartam-cs\u00f6kkent\u00e9seket az Alapk\u00f6vetelm\u00e9nyek (200\/100\/47 nap) hat\u00e1rozz\u00e1k meg.<\/p>\n<h2>Az \u00e9letciklus-t\u00e1jk\u00e9p: Ki\u00e9p\u00edt\u00e9s \u2192 M\u0171k\u00f6d\u00e9s \u2192 Meg\u00faj\u00edt\u00e1s \u2192 Visszavon\u00e1s<\/h2>\n<h3>\u00c9letciklus t\u00e9rk\u00e9p (amit m\u0171k\u00f6dtetni kell tudni)<\/h3>\n<ol>\n<li><strong>OEM-ki\u00e9p\u00edt\u00e9s:<\/strong> Gener\u00e1lt\/befecskendezett kulcsok; a bizalom gy\u00f6kere l\u00e9trej\u00f6tt (HSM\/biztons\u00e1gos elem).<\/li>\n<li><strong>Szerz\u0151d\u00e9sk\u00f6t\u00e9s:<\/strong> Felhaszn\u00e1l\u00f3i szerz\u0151d\u00e9sekhez k\u00f6t\u00f6tt szerz\u0151d\u00e9ses tan\u00fas\u00edtv\u00e1nyok (\u00f6kosziszt\u00e9ma-f\u00fcgg\u0151).<\/li>\n<li><strong>EVSE \u00fczembe helyez\u00e9se:<\/strong> Megb\u00edzhat\u00f3s\u00e1gi t\u00e1rol\u00f3 alap\u00e9rt\u00e9kek, szab\u00e1lyzatok \u00e9s id\u0151szinkroniz\u00e1ci\u00f3s alap\u00e9rt\u00e9kek l\u00e9trehoz\u00e1sa.<\/li>\n<li><strong>M\u0171k\u00f6d\u00e9si valid\u00e1ci\u00f3:<\/strong> TLS k\u00e9zfog\u00e1sok, l\u00e1nc\u00e9p\u00edt\u00e9s, visszavon\u00e1s-ellen\u0151rz\u00e9s, szab\u00e1lyzat betartat\u00e1sa.<\/li>\n<li><strong>Meg\u00faj\u00edt\u00e1s \/ \u00fajb\u00f3li kiad\u00e1s:<\/strong> Automatiz\u00e1l\u00e1s + fokozatos bevezet\u00e9s + visszag\u00f6rget\u00e9s.<\/li>\n<li><strong>Visszavon\u00e1s \/ incidensre adott v\u00e1lasz:<\/strong> Kompromitt\u00e1l\u00e1s\/rossz kibocs\u00e1t\u00e1s\/kihaszn\u00e1l\u00e1s \u2192 visszavon\u00e1s\/rot\u00e1ci\u00f3\/helyre\u00e1ll\u00edt\u00e1s.<\/li>\n<li><strong>Fel\u00e9p\u00fcl\u00e9s \u00e9s megb\u00e9k\u00e9l\u00e9s:<\/strong> A szolg\u00e1ltat\u00e1s vissza\u00e1ll\u00edt\u00e1sa az audit\u00e1lhat\u00f3s\u00e1g \u00e9s a sz\u00e1ml\u00e1z\u00e1si integrit\u00e1s meg\u0151rz\u00e9se mellett.<\/li>\n<\/ol>\n<h3>Alulbecs\u00fclt kudarcpont: Trust Anchor Drift<\/h3>\n<p>A t\u00f6bb OEM-t tartalmaz\u00f3 k\u00f6rnyezetekben a legt\u00f6bb \u201erejt\u00e9lyes P&amp;C-hiba\u201d nem egyetlen lej\u00e1rt tan\u00fas\u00edtv\u00e1nyra vezethet\u0151 vissza \u2013 hanem\u2026<br \/>\n<strong>el\u00e9r\u00e9si \u00fat \u00e9rv\u00e9nyes\u00edt\u00e9si hib\u00e1k<\/strong> a bizalmi horgony eltol\u00f3d\u00e1sa okozza:<\/p>\n<ul>\n<li>\u00daj gy\u00f6kerek\/k\u00f6ztesek jelennek meg (t\u00f6bbgy\u00f6ker\u0171 val\u00f3s\u00e1g).<\/li>\n<li><strong>Keresztbe ad\u00e1s<\/strong> A v\u00e1ltoz\u00e1sok megv\u00e1ltoztatj\u00e1k a megval\u00f3s\u00edthat\u00f3 l\u00e1ncokat.<\/li>\n<li>A h\u00e1tt\u00e9rbeli megb\u00edzhat\u00f3s\u00e1gi t\u00e1rol\u00f3k gyorsabban friss\u00fclnek, mint az EVSE\/helyi vez\u00e9rl\u0151k.<\/li>\n<li>A visszavon\u00e1si m\u0171term\u00e9kek a sz\u00e9l\u00e9n elavulnak.<\/li>\n<\/ul>\n<p>A bizalmi horgonyok friss\u00edt\u00e9seit biztons\u00e1gkritikus v\u00e1ltoztat\u00e1si folyamatk\u00e9nt kezelje:<\/p>\n<ul>\n<li>Verzi\u00f3val ell\u00e1tott bizalmi t\u00e1rol\u00f3k<\/li>\n<li>Kan\u00e1ri bevezet\u00e9s<\/li>\n<li>Visszavon\u00e1si tervek<\/li>\n<li>Telemetria \u00e9rv\u00e9nyes\u00edt\u00e9si hib\u00e1k eset\u00e9n kibocs\u00e1t\u00f3\/sorozatsz\u00e1m\/el\u00e9r\u00e9si \u00fat szerint<\/li>\n<li>Egy explicit tulajdonos a \u201eki mit \u00e9s mikor friss\u00edt\u201d be\u00e1ll\u00edt\u00e1shoz<\/li>\n<\/ul>\n<p><strong>Keresztjelz\u00e9si \u00e9s \u00fat\u00e9p\u00edt\u00e9si hib\u00e1k (2026-os val\u00f3s\u00e1g):<\/strong> T\u00f6bbgy\u00f6ker\u0171 ISO 15118 \u00f6kosziszt\u00e9m\u00e1kban,<br \/>\nA Plug &amp; Charge gyakran nem az\u00e9rt hib\u00e1zik, mert egy tan\u00fas\u00edtv\u00e1ny \u00e9rv\u00e9nytelen, hanem az\u00e9rt, mert az EVSE nem tud \u00e9rv\u00e9nyes tan\u00fas\u00edtv\u00e1nyt l\u00e9trehozni.<br \/>\n<strong>tan\u00fas\u00edtv\u00e1ny el\u00e9r\u00e9si \u00fatja<\/strong> kereszt-al\u00e1\u00edr\u00e1si v\u00e1ltoz\u00e1sok ut\u00e1n (\u00faj k\u00f6zbens\u0151 szolg\u00e1ltat\u00f3k, \u00e1thidal\u00f3 hiteles\u00edt\u00e9sszolg\u00e1ltat\u00f3k, \u00fajra kiadott l\u00e1ncok).<br \/>\nAhogy egyre t\u00f6bb OEM \u00e9s PKI-tartom\u00e1ny csatlakozik, az el\u00e9r\u00e9si utak bonyolults\u00e1ga n\u00f6vekszik. Ha a peremh\u00e1l\u00f3zati megb\u00edzhat\u00f3s\u00e1g t\u00e1rolja (EVSE\/helyi vez\u00e9rl\u0151k) a...<br \/>\nA h\u00e1tt\u00e9rbeli friss\u00edt\u00e9sek elmarad\u00e1sa miatt a TLS k\u00e9zfog\u00e1sok akkor is sikertelenek lehetnek, ha a h\u00e1tt\u00e9rbeli tan\u00fas\u00edtv\u00e1nyok \u00f6nmagukban \u201e\u00e9rv\u00e9nyesnek\u201d t\u0171nnek.<\/p>\n<blockquote style=\"margin: 16px 0; padding: 12px 16px; border-left: 4px solid #ccc;\"><p><strong>1. \u00e1bra (Aj\u00e1nlott vizualiz\u00e1ci\u00f3): \u00datvonal-\u00e9rv\u00e9nyes\u00edt\u00e9s a Multi-Root ISO 15118 szabv\u00e1nyban<\/strong><\/p>\n<p>(V2G Root \/ OEM Root \/ Szerz\u0151d\u00e9ses Root, k\u00f6ztes term\u00e9kek \u00e9s kereszt-el\u0151jeles hidak megjelen\u00edt\u00e9se.)<br \/>\nJel\u00f6lje ki, hol szak\u00edtja meg az \u00fajonnan al\u00e1\u00edrt k\u00f6ztes azonos\u00edt\u00f3 az \u00fatvonal\u00e9p\u00edt\u00e9st az EVSE-n, ha a megb\u00edzhat\u00f3 t\u00e1rol\u00f3k nem friss\u00fclnek szinkronban.<\/p>\n<p><strong>F\u0151 \u00fczenet:<\/strong> A legt\u00f6bb, a \u201ePKI\u201d-ra fogott P&amp;C-kies\u00e9s val\u00f3j\u00e1ban <strong>el\u00e9r\u00e9si \u00fat \u00e9rv\u00e9nyes\u00edt\u00e9si hib\u00e1k<\/strong> a kereszt-al\u00e1\u00edr\u00e1si sodr\u00f3d\u00e1s \u00e9s a szinkroniz\u00e1latlan bizalmi t\u00e1rol\u00f3k \u00e1ltal vez\u00e9relve.<\/p><\/blockquote>\n<h2>ACME \u00e9s automatiz\u00e1l\u00e1s: Ember \u00e1ltal vezetett vs. rendszer \u00e1ltal vezetett 199\/200 napos \u00e9lettartam alatt<\/h2>\n<h3>Mi\u00e9rt v\u00e1lik a manu\u00e1lis meg\u00faj\u00edt\u00e1s determinisztikus kies\u00e9sgener\u00e1torr\u00e1?<\/h3>\n<p>A r\u00f6vid \u00e9lettartamok folyamatos meg\u00faj\u00edt\u00e1sokat tesznek lehet\u0151v\u00e9. A DigiCert l\u00e9p\u00e9se a k\u00f6vetkez\u0151re: <strong>199 nap 2026. febru\u00e1r 24-t\u0151l<\/strong><br \/>\nazonnal m\u0171k\u00f6d\u0151k\u00e9pess\u00e9 teszi ezt sz\u00e1mos flotta sz\u00e1m\u00e1ra. A t\u00e1gabb ipar\u00e1gi \u00fctemterv pedig m\u00e1r meg van hat\u00e1rozva:<br \/>\n<strong>200 nap<\/strong> (2026. m\u00e1rcius 15-t\u0151l), majd <strong>100 nap<\/strong>, akkor <strong>47 nap<\/strong>.<\/p>\n<p>B\u00e1rmely flotta eset\u00e9ben a meg\u00faj\u00edt\u00e1si esem\u00e9nyek a k\u00f6vetkez\u0151k\u00e9ppen sk\u00e1l\u00e1z\u00f3dnak:<\/p>\n<pre style=\"background: #f6f8fa; padding: 12px; overflow: auto;\"><code>Meg\u00faj\u00edt\u00e1si esem\u00e9nyek \u00e9vente \u2248 N \u00d7 (365 \/ L)<\/code><\/pre>\n<p>Ahol <code>\u00c9<\/code> a TLS v\u00e9gpontok sz\u00e1ma \u00e9s <code>L<\/code> a tan\u00fas\u00edtv\u00e1ny \u00e9lettartama (nap).<br \/>\nMint <code>L<\/code> cs\u00f6kken, az ember \u00e1ltal vezetett meg\u00fajul\u00e1s matematikailag \u00f6sszeegyeztethetetlenn\u00e9 v\u00e1lik az \u00fczemid\u0151-c\u00e9lokkal.<\/p>\n<h3>Forgat\u00f3k\u00f6nyv (Panel szint\u0171 m\u00e9retez\u00e9s)<\/h3>\n<p>Egy CPO sz\u00e1m\u00e1ra, amely m\u0171k\u00f6dik <strong>5000 v\u00e9gpont<\/strong>egy 199 napos \u00e9lettartam a k\u00f6vetkez\u0151ket jelenti:<\/p>\n<pre style=\"background: #f6f8fa; padding: 12px; overflow: auto;\"><code>Meg\u00faj\u00edt\u00e1si esem\u00e9nyek\/\u00e9v \u2248 5000 \u00d7 (365 \/ 199) \u2248 9171<\/code><\/pre>\n<p>Ebben a l\u00e9pt\u00e9kben m\u00e9g egy <strong>1% emberi hibasz\u00e1zal\u00e9k<\/strong> nagyj\u00e1b\u00f3l annyit tesz ki, mint<br \/>\n<strong>92 tan\u00fas\u00edtv\u00e1nyhoz kapcsol\u00f3d\u00f3 le\u00e1ll\u00e1s \u00e9vente<\/strong>\u2013 a cs\u00facsforgalmi id\u0151szakra gyakorolt hat\u00e1s figyelembev\u00e9tele el\u0151tt,<br \/>\nSLA-b\u00fcntet\u00e9sek, vagy kaszk\u00e1d jelleg\u0171 hib\u00e1k egy hubon kereszt\u00fcl.<\/p>\n<h3>ACME a t\u00f6lt\u0151h\u00e1l\u00f3zatokban: mit kellene automatiz\u00e1lnia<\/h3>\n<p>Az ACME (Automated Certificate Management Environment) a meg\u00faj\u00edt\u00e1sokat szab\u00e1lyzatvez\u00e9relt m\u0171veletekk\u00e9 alak\u00edtja a k\u00f6vetkez\u0151kh\u00f6z:<\/p>\n<ul>\n<li>EVSE \u2194 h\u00e1tt\u00e9rbeli TLS<\/li>\n<li>Helyi vez\u00e9rl\u0151 \/ Edge Proxy TLS<\/li>\n<li>Helyi \u00e1tj\u00e1r\u00f3k \u00e9s hub vez\u00e9rl\u0151k<\/li>\n<\/ul>\n<p><strong>Rendszervez\u00e9relt munkafolyamat (architekt\u00fara minta)<\/strong><\/p>\n<ol>\n<li><strong>Lelt\u00e1r<\/strong> minden v\u00e9gpont (kibocs\u00e1t\u00f3, sorozatsz\u00e1m, l\u00e1nc, lej\u00e1rat, utols\u00f3 rot\u00e1ci\u00f3).<\/li>\n<li><strong>Meg\u00faj\u00edt\u00e1si szab\u00e1lyzat<\/strong> (fix k\u00fcsz\u00f6b\u00e9rt\u00e9kn\u00e9l meg\u00faj\u00edthat\u00f3, nem pedig \u201elej\u00e1rathoz k\u00f6zeli id\u0151pontban\u201d).<\/li>\n<li><strong>Hardveres t\u00e1mogat\u00e1s\u00fa kulcsok<\/strong> ahol lehets\u00e9ges; ker\u00fclje a priv\u00e1t kulcsok export\u00e1l\u00e1s\u00e1t.<\/li>\n<li><strong>Fokozatos bevezet\u00e9s<\/strong> \u00e1llapotfelm\u00e9r\u00e9ssel (k\u00e9zfog\u00e1s + enged\u00e9lyez\u00e9s + munkamenet ind\u00edt\u00e1sa).<\/li>\n<li><strong>Automatikus visszag\u00f6rget\u00e9s<\/strong> a megn\u00f6vekedett meghib\u00e1sod\u00e1si ar\u00e1nyokr\u00f3l.<\/li>\n<li><strong>Bizony\u00edt\u00e9knapl\u00f3k<\/strong> minden kiad\u00e1shoz\/telep\u00edt\u00e9shez (megfelel\u0151s\u00e9gi szint\u0171 nyomon k\u00f6vethet\u0151s\u00e9g).<\/li>\n<\/ol>\n<p><strong>Ember \u00e1ltal vezetett vs. rendszer \u00e1ltal vezetett<\/strong><\/p>\n<ul>\n<li>Ember \u00e1ltal vezetett: Jegyek, t\u00e1bl\u00e1zatok, k\u00e9s\u0151i meg\u00faj\u00edt\u00e1sok, k\u00e9t\u00e9rtelm\u0171 tulajdonjog, kock\u00e1zatos v\u00e9szhelyzeti v\u00e1ltoztat\u00e1sok.<\/li>\n<li>Rendszervez\u00e9relt: Determinisztikus szab\u00e1lyzatok, automatiz\u00e1lt kiad\u00e1s, ellen\u0151rz\u00f6tt bevezet\u00e9s, folyamatos telemetria, audit\u00e1lhat\u00f3 bizony\u00edt\u00e9kok.<\/li>\n<\/ul>\n<h2>Visszavon\u00e1si ellen\u0151rz\u00e9sek: a \u201eP&amp;C Killer\u201d (CRL vs. OCSP, gyenge h\u00e1l\u00f3zatok \u00e9s v\u00e9dhet\u0151 szab\u00e1lyzatok)<\/h2>\n<h3>Mi\u00e9rt buknak meg az OCSP\/CRL a szervizekben \u00e9s a telephelyeken?<\/h3>\n<ul>\n<li>Gyenge\/szakaszos LTE\/5G<\/li>\n<li>Korl\u00e1tozott kil\u00e9p\u00e9s (t\u0171zfalak\/hiteles\u00edt\u00e9si port\u00e1lok)<\/li>\n<li>K\u00e9s\u00e9s-\u00e9rz\u00e9keny valid\u00e1ci\u00f3s l\u00e9p\u00e9sek<\/li>\n<li>K\u00fcls\u0151 f\u00fcgg\u0151s\u00e9gek (OCSP v\u00e1laszad\u00f3k, CRL terjeszt\u00e9si pontok)<\/li>\n<\/ul>\n<p>Eredm\u00e9ny: Az EVSE elind\u00edthat egy munkamenetet, de nem fejez\u0151dik be <strong>visszavon\u00e1si \u00e9rv\u00e9nyes\u00edt\u00e9s<\/strong> megb\u00edzhat\u00f3an.<\/p>\n<h3>CRL vs. OCSP: gyakorlati kompromisszumok<\/h3>\n<ul>\n<li><strong>CRL:<\/strong> nagyobb mennyis\u00e9g\u0171 let\u00f6lt\u00e9s, de gyors\u00edt\u00f3t\u00e1razhat\u00f3 \u00e9s \u00fctemezetten friss\u00edthet\u0151 (j\u00f3 a peremh\u00e1l\u00f3zati folytonoss\u00e1g szempontj\u00e1b\u00f3l).<\/li>\n<li><strong>OCSP:<\/strong> k\u00e9r\u00e9senk\u00e9nt k\u00f6nny\u0171, de gyakran \u00e9l\u0151 el\u00e9rhet\u0151s\u00e9get ig\u00e9nyel a leggyeng\u00e9bb \u00e9len.<\/li>\n<\/ul>\n<p>2026-ban a helyes testtart\u00e1s r\u00e9tegzett:<\/p>\n<ul>\n<li>\u00dctemezett CRL gyors\u00edt\u00f3t\u00e1raz\u00e1s a rugalmass\u00e1g \u00e9rdek\u00e9ben<\/li>\n<li>OCSP, ahol a kapcsolat megb\u00edzhat\u00f3<\/li>\n<li>Kifejezett szab\u00e1lyzat a leromlott k\u00f6r\u00fclm\u00e9nyekre vonatkoz\u00f3an<\/li>\n<\/ul>\n<h3>Mi\u00e9rt egyre nehezebb megv\u00e9deni a \u201epuha cs\u0151d\u00f6t\u201d?<\/h3>\n<p>T\u00f6rt\u00e9nelmileg a \u201esoft-fail\u201d (munkamenet enged\u00e9lyez\u00e9se, ha a visszavon\u00e1si ellen\u0151rz\u00e9sek id\u0151t\u00fall\u00e9p\u00e9st okoznak) meg\u0151rizte a rendelkez\u00e9sre \u00e1ll\u00e1st.<br \/>\n2026-ban a soft-fail nehezebben igazolhat\u00f3, mert:<\/p>\n<ul>\n<li>R\u00f6videbb \u00e9lettartam (kisebb tolerancia az elavult felt\u00e9telez\u00e9sekkel szemben)<\/li>\n<li>A CRA jelent\u00e9si \u00f3r\u00e1ja szigor\u00fabb incidensfegyelmet \u00e9s bizony\u00edt\u00e9kgy\u0171jt\u00e9st \u00edr el\u0151<\/li>\n<\/ul>\n<p>A v\u00e9dhet\u0151 tervhez explicit, dokument\u00e1lt szab\u00e1lyzat sz\u00fcks\u00e9ges:<\/p>\n<ul>\n<li><strong>Hard-fail<\/strong> nyilv\u00e1nos\/magas kock\u00e1zat\u00fa k\u00f6rnyezetekbe<\/li>\n<li><strong>Kegyelem-bizony\u00edt\u00e9kokkal<\/strong> z\u00e1rt flott\u00e1khoz (korl\u00e1tozott ablak + kompenz\u00e1l\u00f3 vez\u00e9rl\u0151k)<\/li>\n<li><strong>Bizony\u00edt\u00e9kok napl\u00f3z\u00e1sa<\/strong> minden megal\u00e1z\u00f3 d\u00f6nt\u00e9s\u00e9rt<\/li>\n<\/ul>\n<h3>Architektur\u00e1lis m\u00e9rs\u00e9kl\u00e9sek (mint\u00e1k, nem term\u00e9k\u00edg\u00e9retek)<\/h3>\n<p><strong>1. minta: Edge el\u0151ellen\u0151rz\u00e9s + gyors\u00edt\u00f3t\u00e1raz\u00e1s<\/strong><\/p>\n<ul>\n<li>Gyors\u00edt\u00f3t\u00e1r CRL-ek meghat\u00e1rozott frissess\u00e9gi ablakokkal<\/li>\n<li>Gyors\u00edt\u00f3t\u00e1r-k\u00f6ztes rendszerek \u00e9s valid\u00e1lt l\u00e1ncok<\/li>\n<li>El\u0151zetes leh\u00edv\u00e1s \u201ej\u00f3 internetkapcsolat\u201d eset\u00e9n<\/li>\n<\/ul>\n<p><strong>2. minta: OCSP t\u0171z\u00e9s (ahol megval\u00f3s\u00edthat\u00f3)<\/strong><\/p>\n<p>Az OCSP t\u0171z\u00e9s a visszavon\u00e1sbiztos k\u00e9zbes\u00edt\u00e9st a leggyeng\u00e9bb \u00e9lr\u0151l elmozd\u00edtja, cs\u00f6kkentve ezzel az \u00e9l\u0151 f\u00fcgg\u0151s\u00e9get a CA infrastrukt\u00far\u00e1t\u00f3l a munkamenet l\u00e9trehoz\u00e1sa sor\u00e1n.<\/p>\n<p><strong>Megval\u00f3s\u00edt\u00e1si megjegyz\u00e9s (be\u00e1gyazott val\u00f3s\u00e1g):<\/strong> EVSE k\u00f6rnyezetekben ellen\u0151rizze a t\u0171z\u00e9ssel kapcsolatos b\u0151v\u00edtm\u00e9ny t\u00e1mogat\u00e1s\u00e1t<br \/>\na be\u00e1gyazott TLS-veremben \u00e9s a build konfigur\u00e1ci\u00f3ban (pl. mbedTLS, wolfSSL), \u00e9s valid\u00e1lja a viselked\u00e9st a kor\u00e1bbi hardvereken,<br \/>\nmivel a jellemz\u0151k teljess\u00e9ge \u00e9s a mem\u00f3ria\/RTOS korl\u00e1tok elt\u00e9r\u0151ek.<\/p>\n<p><strong>3. minta: T\u00f6bbgy\u00f6k\u00e9r\u0171 megb\u00edzhat\u00f3s\u00e1gi ir\u00e1ny\u00edt\u00e1s<\/strong><\/p>\n<ul>\n<li>Egys\u00e9ges megb\u00edzhat\u00f3s\u00e1gi t\u00e1rol\u00f3 friss\u00edt\u00e9si csatorna t\u00f6bb OEM-horgonyhoz<\/li>\n<li>Canary friss\u00edt\u00e9sek + visszavon\u00e1s, ha az \u00fatvonal\u00e9p\u00edt\u00e9si hib\u00e1k megn\u0151nek<\/li>\n<\/ul>\n<p><strong>4. minta: Id\u0151szinkroniz\u00e1l\u00e1s ir\u00e1ny\u00edt\u00e1sa (nem alku t\u00e1rgya)<\/strong><\/p>\n<ul>\n<li>NTP-szab\u00e1lyzat (vagy adott esetben PTP)<\/li>\n<li>Sodr\u00f3d\u00e1s-monitoroz\u00e1s \u00e9s riaszt\u00e1si k\u00fcsz\u00f6b\u00e9rt\u00e9kek<\/li>\n<li>Meghat\u00e1rozott viselked\u00e9s, ha az \u00f3r\u00e1k nem megb\u00edzhat\u00f3ak<\/li>\n<\/ul>\n<h2>Offline folytonoss\u00e1g: a Plug &amp; Charge funkci\u00f3 haszn\u00e1lhat\u00f3 marad a felh\u0151alap\u00fa peremh\u00e1l\u00f3zati kapcsolat megszakad\u00e1sa eset\u00e9n is<\/h2>\n<h3>Mi az offline folytonoss\u00e1g (\u00e9s mi nem)?<\/h3>\n<p>Az offline folytonoss\u00e1g nem a \u201ePKI megker\u00fcl\u00e9s\u00e9t\u201d jelenti. Ez egy szab\u00e1lyozott degrad\u00e1ci\u00f3, amely meg\u0151rzi:<\/p>\n<ul>\n<li>Kulcsok \u00e9s bizalmi t\u00e1rol\u00f3k integrit\u00e1sa<\/li>\n<li>Sz\u00e1ml\u00e1z\u00e1si \u00e9s incidensekre adott v\u00e1lasz audit\u00e1lhat\u00f3s\u00e1ga<\/li>\n<li>Explicit korl\u00e1toz\u00e1sok arra vonatkoz\u00f3an, hogy mi valid\u00e1lhat\u00f3 helyben (\u00e9s mennyi ideig)<\/li>\n<\/ul>\n<h3>Helyi vez\u00e9rl\u0151k \/ Edge proxyk, mint rendelkez\u00e9sre \u00e1ll\u00e1si primit\u00edvek<\/h3>\n<ul>\n<li>Helyi megb\u00edzhat\u00f3 gyors\u00edt\u00f3t\u00e1rak (horgonyok\/k\u00f6ztes elemek\/CRL-ek) karbantart\u00e1sa<\/li>\n<li>Korl\u00e1tozott helyi jogosults\u00e1gkezel\u00e9si szab\u00e1lyzatok \u00e9rv\u00e9nyes\u00edt\u00e9se<\/li>\n<li>Pufferm\u00e9r\u00e9s\/napl\u00f3k k\u00e9s\u0151bbi egyeztet\u00e9shez<\/li>\n<li>Cs\u00f6kkentse a WAN robban\u00e1si sugar\u00e1t az\u00e1ltal, hogy helyi v\u00e9gpontk\u00e9nt m\u0171k\u00f6dik az EVSE sz\u00e1m\u00e1ra<\/li>\n<\/ul>\n<blockquote style=\"margin: 16px 0; padding: 12px 16px; border-left: 4px solid #ccc;\"><p><strong>2. \u00e1bra (Aj\u00e1nlott vizualiz\u00e1ci\u00f3): Edge Proxy, mint megb\u00edzhat\u00f3 gyors\u00edt\u00f3t\u00e1r gyenge h\u00e1l\u00f3zati helyeken<\/strong><\/p>\n<p>(EVSE-k csatlakoz\u00e1sa helysz\u00edni Edge Proxyhoz\/helyi vez\u00e9rl\u0151h\u00f6z. A proxy gyors\u00edt\u00f3t\u00e1rban t\u00e1rolt megb\u00edzhat\u00f3s\u00e1gi horgonyokat\/k\u00f6ztes elemeket tart fenn,<br \/>\n\u00fctemezett CRL friss\u00edt\u00e9s, id\u0151szinkroniz\u00e1l\u00e1s-figyel\u00e9s \u00e9s bizony\u00edt\u00e9knapl\u00f3k; puffereli az esem\u00e9nyeket a felh\u0151alap\u00fa CSMS\/PKI-be, ha a kimen\u0151 kapcsolat instabil.)<\/p>\n<p><strong>F\u0151 \u00fczenet:<\/strong> A peremh\u00e1l\u00f3zati proxyk cs\u00f6kkentik a k\u00fcls\u0151 OCSP\/CRL v\u00e9gpontokt\u00f3l val\u00f3 \u00e9l\u0151 f\u00fcgg\u0151s\u00e9get, \u00e9s lehet\u0151v\u00e9 teszik a szab\u00e1lyozott offline folytonoss\u00e1got a PKI megker\u00fcl\u00e9se n\u00e9lk\u00fcl.<\/p><\/blockquote>\n<h2>CRA \u00e9s VMP: 2026 szeptember\u00e9t\u0151l kezd\u0151d\u0151 jelent\u00e9st\u00e9teli hat\u00e1rid\u0151kt\u0151l audit\u00e1lhat\u00f3 m\u0171k\u00f6d\u00e9si modell fel\u00e9<\/h2>\n<h3>CRA jelent\u00e9st\u00e9teli szab\u00e1lyok: 24\/72 \u00f3r\u00e1s rendszerhez igazod\u00f3 tervez\u00e9s<\/h3>\n<p>A hitelmin\u0151s\u00edt\u0151 int\u00e9zetek jelent\u00e9st\u00e9teli szab\u00e1lyai el\u0151\u00edrj\u00e1k a gy\u00e1rt\u00f3k sz\u00e1m\u00e1ra, hogy \u00e9rtes\u00edts\u00e9k az akt\u00edvan kihaszn\u00e1lt sebezhet\u0151s\u00e9gekr\u0151l \u00e9s a s\u00falyos, a hitelmin\u0151s\u00edt\u00e9st befoly\u00e1sol\u00f3 esem\u00e9nyekr\u0151l.<br \/>\na digit\u00e1lis elemeket tartalmaz\u00f3 term\u00e9kek biztons\u00e1g\u00e1r\u00f3l:<\/p>\n<ul>\n<li><strong>Korai figyelmeztet\u00e9s 24 \u00f3r\u00e1n bel\u00fcl<\/strong> a tudatosul\u00e1s<\/li>\n<li><strong>Teljes k\u00f6r\u0171 \u00e9rtes\u00edt\u00e9s 72 \u00f3r\u00e1n bel\u00fcl<\/strong><\/li>\n<li><strong>Z\u00e1r\u00f3jelent\u00e9s<\/strong> meghat\u00e1rozott id\u0151ablakokon bel\u00fcl (az incidensoszt\u00e1lyt\u00f3l f\u00fcgg\u0151en)<\/li>\n<\/ul>\n<p>T\u00f6meges visszavon\u00e1s vagy bizalmi pont kompromitt\u00e1l\u00f3d\u00e1sa \u00e1ltal okozott nagym\u00e9rt\u00e9k\u0171 Plug &amp; Charge zavar <strong>jogosult lehet<\/strong><br \/>\ns\u00falyos incidensk\u00e9nt, a hat\u00e1st\u00f3l \u00e9s a kiakn\u00e1z\u00e1si bizony\u00edt\u00e9kokt\u00f3l f\u00fcgg\u0151en.<\/p>\n<h3>Sebezhet\u0151s\u00e9gkezel\u00e9si folyamat (VMP): minim\u00e1lisan megval\u00f3s\u00edthat\u00f3 k\u00e9pess\u00e9gek<\/h3>\n<ol>\n<li><strong>A flotta igazs\u00e1ga:<\/strong> eszk\u00f6z + verzi\u00f3 lelt\u00e1r (EVSE firmware, vez\u00e9rl\u0151k\u00e9pek, megb\u00edzhat\u00f3 t\u00e1rol\u00f3 verzi\u00f3k).<\/li>\n<li><strong>SBOM integr\u00e1ci\u00f3 (dinamikus):<\/strong> Az SBOM telep\u00edthet\u0151 m\u0171term\u00e9kekhez van rendelve; folyamatos korrel\u00e1ci\u00f3 a sebezhet\u0151s\u00e9gi inform\u00e1ci\u00f3kkal.<\/li>\n<li><strong>VEX-vez\u00e9relt expoz\u00edci\u00f3kezel\u00e9s:<\/strong> Tartsa karban a VEX utas\u00edt\u00e1sokat a \u201ejelenlegi, de nem kihaszn\u00e1lhat\u00f3\u201d \u00e9s a \u201ekihaszn\u00e1lhat\u00f3 a telep\u00edt\u00e9s\u00fcnkben\u201d \u00e1llapotok megk\u00fcl\u00f6nb\u00f6ztet\u00e9s\u00e9re, lehet\u0151v\u00e9 t\u00e9ve a hiteles hat\u00f3k\u00f6r-meghat\u00e1roz\u00e1st a T+24 \u00f3r\u00e1s id\u0151ablakon bel\u00fcl.<\/li>\n<li><strong>Mi\u00e9rt fontos a VEX a 24 \u00f3r\u00e1s rendszerben:<\/strong> Az SBOM megmondja, mi van jelen; a VEX seg\u00edt meghat\u00e1rozni, hogy mi az <strong>kitermelhet\u0151<\/strong>, cs\u00f6kkentve a t\u00e9ves riaszt\u00e1sokat \u00e9s megakad\u00e1lyozva, hogy az operat\u00edv csapatok a nem kihaszn\u00e1lhat\u00f3 zajokat \u00fcld\u00f6zz\u00e9k.<\/li>\n<li><strong>Felv\u00e9tel \u00e9s tri\u00e1zs:<\/strong> besz\u00e1ll\u00edt\u00f3i figyelmeztet\u00e9sek, CVE-k, bels\u0151 meg\u00e1llap\u00edt\u00e1sok; a kihaszn\u00e1lhat\u00f3s\u00e1g \u00e9s a kitetts\u00e9g priorit\u00e1sa.<\/li>\n<li><strong>T+24 \u00f3r\u00e1s hat\u00f3k\u00f6r-felm\u00e9r\u00e9si munkafolyamat:<\/strong> SBOM + VEX + lelt\u00e1r\u00f6sszegz\u00e9s az \u00e9rintett popul\u00e1ci\u00f3k azonos\u00edt\u00e1s\u00e1hoz; kezdeti elszigetel\u00e9si d\u00f6nt\u00e9sek; bizony\u00edt\u00e9kok \u00f6sszegy\u0171jt\u00e9se.<\/li>\n<li><strong>T+72h \u00e9rtes\u00edt\u00e9si munkafolyamat:<\/strong> meger\u0151s\u00edtett hat\u00f3k\u00f6r, enyh\u00edt\u00e9sek, bevezet\u00e9si\/vissza\u00e1ll\u00edt\u00e1si terv, kommunik\u00e1ci\u00f3s rekord.<\/li>\n<li><strong>Z\u00e1r\u00f3jelent\u00e9s munkafolyamata:<\/strong> valid\u00e1ci\u00f3s bizony\u00edt\u00e9k + kiv\u00e1lt\u00f3 ok + megel\u0151z\u0151 fejleszt\u00e9sek a korrekci\u00f3s int\u00e9zked\u00e9s el\u00e9rhet\u0151s\u00e9ge ut\u00e1n.<\/li>\n<li><strong>Patch kadencia m\u00e9rn\u00f6ks\u00e9g:<\/strong> szakaszos bevezet\u00e9s, visszag\u00f6rget\u00e9si tervek, al\u00e1\u00edrt \u00f6sszetev\u0151k, ellen\u0151rz\u0151 kapuk.<\/li>\n<li><strong>A bizalmi l\u00e1nc \u00e9rv\u00e9nyes\u00edt\u00e9se:<\/strong> biztons\u00e1gos rendszerind\u00edt\u00e1s + biztons\u00e1gos firmware-friss\u00edt\u00e9sek; HSM\/biztons\u00e1gos elemekben v\u00e9dett al\u00e1\u00edr\u00e1si kulcsok.<\/li>\n<li><strong>Bizony\u00edt\u00e9kokon alapul\u00f3 napl\u00f3z\u00e1s:<\/strong> tan\u00fas\u00edtv\u00e1nyesem\u00e9nyek, megb\u00edzhat\u00f3s\u00e1gi t\u00e1rol\u00f3 v\u00e1ltoz\u00e1sai, visszavon\u00e1si hib\u00e1k, id\u0151szinkroniz\u00e1l\u00e1s \u00e1llapota.<\/li>\n<\/ol>\n<p><strong>Magas s\u00falyoss\u00e1g\u00fa bizalmi forgat\u00f3k\u00f6nyv:<\/strong> Ha a visszavon\u00e1st egy felt\u00f6rt gy\u00f6k\u00e9r- vagy kibocs\u00e1t\u00f3kulcs v\u00e1ltja ki,<br \/>\nkezelje azt s\u00falyos bizalmi incidensk\u00e9nt, amely azonnali elszigetel\u00e9st \u00e9s a flotta eg\u00e9sz\u00e9re kiterjed\u0151 bizalmi adatt\u00e1rol\u00e1si int\u00e9zked\u00e9seket ig\u00e9nyel,<br \/>\n\u00e9s a CRA-kkal \u00f6sszehangolt jelent\u00e9st\u00e9teli k\u00e9szs\u00e9g a hat\u00e1s- \u00e9s hasznos\u00edt\u00e1si bizony\u00edt\u00e9kok alapj\u00e1n.<\/p>\n<h3>CRA incidensre adott v\u00e1lasz visszasz\u00e1ml\u00e1l\u00f3 ellen\u0151rz\u0151lista (m\u0171k\u00f6d\u00e9si sablon)<\/h3>\n<h4>T+0 (\u00c9szlel\u00e9s \/ Tudatoss\u00e1g)<\/h4>\n<ul>\n<li>Bizony\u00edt\u00e9kok befagyaszt\u00e1sa: napl\u00f3k, tan\u00fas\u00edtv\u00e1nyesem\u00e9nyek, megb\u00edzhat\u00f3 t\u00e1rol\u00f3 verzi\u00f3k, id\u0151szinkroniz\u00e1l\u00e1s \u00e1llapota<\/li>\n<li>\u00c9rintett fel\u00fcletek azonos\u00edt\u00e1sa: EVSE firmware, helyi vez\u00e9rl\u0151k, h\u00e1tt\u00e9rbeli TLS v\u00e9gpontok<\/li>\n<li>PKI-szolg\u00e1ltat\u00f3 \/ h\u00e1tt\u00e9rbiztons\u00e1gi kapcsolattart\u00f3 megkeres\u00e9se<\/li>\n<\/ul>\n<h4>T+24h (Korai figyelmeztet\u0151 k\u00e9sz\u00fclts\u00e9g)<\/h4>\n<ul>\n<li><strong>F\u0151 c\u00e9lkit\u0171z\u00e9s:<\/strong> Haszn\u00e1lat <strong>SBOM + VEX + flottak\u00e9szlet<\/strong> az \u00e9rintett popul\u00e1ci\u00f3 meghat\u00e1roz\u00e1sa \u00e9s bizony\u00edt\u00e9kokkal al\u00e1t\u00e1masztott korai figyelmeztet\u00e9s beny\u00fajt\u00e1sa<\/li>\n<li>Elk\u00fcl\u00f6n\u00edt\u00e9s eld\u00f6nt\u00e9se: visszavon\u00e1s\/rot\u00e1ci\u00f3, megb\u00edzhat\u00f3 t\u00e1rol\u00e1s visszag\u00f6rget\u00e9se, webhely elk\u00fcl\u00f6n\u00edt\u00e9se<\/li>\n<li>Korai figyelmeztet\u0151 csomag tervezete: hat\u00f3k\u00f6r, folyamatban l\u00e9v\u0151 enyh\u00edt\u00e9sek, ideiglenes helyzet<\/li>\n<\/ul>\n<h4>T+72h (Teljes k\u00f6r\u0171 \u00e9rtes\u00edt\u00e9si k\u00e9szenl\u00e9t)<\/h4>\n<ul>\n<li>\u00c9rintett popul\u00e1ci\u00f3k r\u00e9gi\u00f3nk\u00e9nt\/helysz\u00ednenk\u00e9nti meger\u0151s\u00edt\u00e9se; k\u00e1rmentes\u00edt\u00e9si terv + megval\u00f3s\u00edt\u00e1si m\u00f3dszer megad\u00e1sa<\/li>\n<li>\u00dcgyf\u00e9l\/\u00fczemeltet\u0151 kommunik\u00e1ci\u00f3s \u00e9s eszkal\u00e1ci\u00f3s nyilv\u00e1ntart\u00e1s k\u00e9sz\u00edt\u00e9se<\/li>\n<\/ul>\n<h4>Z\u00e1r\u00f3jelent\u00e9si id\u0151szak<\/h4>\n<ul>\n<li>A CRA k\u00f6vetelm\u00e9nyeinek megfelel\u0151 z\u00e1r\u00f3jelent\u00e9s beny\u00fajt\u00e1sa (az id\u0151z\u00edt\u00e9s az incidens oszt\u00e1ly\u00e1t\u00f3l f\u00fcgg)<\/li>\n<li>Jav\u00edt\u00e1s ut\u00e1ni valid\u00e1ci\u00f3s bizony\u00edt\u00e9kok + tanuls\u00e1gok<\/li>\n<\/ul>\n<h2>K\u00f6lts\u00e9g- \u00e9s kock\u00e1zatsz\u00e1m\u00edt\u00e1s (Sablonok, amelyeket beilleszthet a flott\u00e1j\u00e1ba)<\/h2>\n<h3>K\u00e9zi meg\u00faj\u00edt\u00e1si munkak\u00f6lts\u00e9g-modell<\/h3>\n<p>Legyen:<\/p>\n<ul>\n<li><code>\u00c9<\/code> = TLS v\u00e9gpontok sz\u00e1ma (EVSE + vez\u00e9rl\u0151k + \u00e1tj\u00e1r\u00f3k + fel\u00fcgyelt h\u00e1tt\u00e9rcsom\u00f3pontok)<\/li>\n<li><code>L<\/code> = tan\u00fas\u00edtv\u00e1ny \u00e9lettartama (nap)<\/li>\n<li><code>t<\/code> = emberi id\u0151 meg\u00fajul\u00e1sonk\u00e9nt (\u00f3ra)<\/li>\n<li><code>c<\/code> = teljes terhel\u00e9s\u0171 munkak\u00f6lts\u00e9g (USD\/\u00f3ra)<\/li>\n<\/ul>\n<pre style=\"background: #f6f8fa; padding: 12px; overflow: auto;\"><code>K\u00f6lts\u00e9g_munka \u2248 N \u00d7 (365 \/ L) \u00d7 t \u00d7 c<\/code><\/pre>\n<h3>Kimarad\u00e1si kock\u00e1zati modell (lej\u00e1rat vagy sikertelen telep\u00edt\u00e9s)<\/h3>\n<p>Legyen:<\/p>\n<ul>\n<li><code>P_kisasszony<\/code> = a ciklusonk\u00e9nti elmulasztott\/sikertelen meg\u00faj\u00edt\u00e1s val\u00f3sz\u00edn\u0171s\u00e9ge<\/li>\n<li><code>H_down<\/code> = v\u00e1rhat\u00f3 \u00e1ll\u00e1sid\u0151 \u00f3r\u00e1kban incidensenk\u00e9nt<\/li>\n<li><code>C_\u00f3ra<\/code> = \u00f3r\u00e1nk\u00e9nti \u00fczleti hat\u00e1s (kiesett bev\u00e9tel, b\u00fcntet\u00e9sek, SLA-j\u00f3v\u00e1\u00edr\u00e1sok)<\/li>\n<\/ul>\n<pre style=\"background: #f6f8fa; padding: 12px; overflow: auto;\"><code>K\u00f6lts\u00e9g_kimarad\u00e1s \u2248 P_kies\u00e9s \u00d7 H_le\u00e1ll\u00e1s \u00d7 C_\u00f3ra<\/code><\/pre>\n<h2>D\u00f6nt\u00e9si \u00fatmutat\u00f3: Online visszavon\u00e1si ellen\u0151rz\u00e9sek sikertelens\u00e9ge eset\u00e9n (OCSP\/CRL id\u0151t\u00fall\u00e9p\u00e9s)<\/h2>\n<ol>\n<li><strong>Nyilv\u00e1nos telephely vagy z\u00e1rt flotta\/telephely?<\/strong>\n<ul>\n<li>Nyilv\u00e1nos \u2192 el\u0151nyben r\u00e9szes\u00edt\u00e9s <strong>Hard-fail<\/strong> (vagy szigor\u00faan ellen\u0151rz\u00f6tt kegyelem, csak bizony\u00edt\u00e9kokkal + kompenz\u00e1l\u00f3 kontrollokkal)<\/li>\n<li>Flotta\/telephely \u2192 <strong>Kegyelem-bizony\u00edt\u00e9kokkal<\/strong> korl\u00e1tozott ablakok eset\u00e9n elfogadhat\u00f3 lehet<\/li>\n<\/ul>\n<\/li>\n<li><strong>El\u0151re l\u00e1that\u00f3-e a h\u00e1l\u00f3zat megb\u00edzhat\u00f3s\u00e1ga?<\/strong>\n<ul>\n<li>Igen \u2192 Online OCSP\/CRL + monitoroz\u00e1s<\/li>\n<li>Nem \u2192 <strong>Edge el\u0151ellen\u0151rz\u00e9s + gyors\u00edt\u00f3t\u00e1raz\u00e1s<\/strong> (CRL friss\u00edt\u00e9si ablakok, gyors\u00edt\u00f3t\u00e1rban t\u00e1rolt l\u00e1ncok)<\/li>\n<\/ul>\n<\/li>\n<li><strong>Cs\u00f6kkenthet\u0151 az online f\u00fcgg\u0151s\u00e9g a munkamenetek alatt?<\/strong>\n<ul>\n<li>Ahol lehets\u00e9ges \u2192 fogadj el <strong>OCSP t\u0171z\u00e9si minta<\/strong> (tolja k\u00f6zelebb a sz\u00e9l\u00e9hez a v\u00e9d\u0151r\u00e9teget)<\/li>\n<\/ul>\n<\/li>\n<li><strong>Van bizony\u00edt\u00e9knapl\u00f3z\u00e1suk + id\u0151szinkroniz\u00e1l\u00e1si ir\u00e1ny\u00edt\u00e1suk?<\/strong>\n<ul>\n<li>Ha nem \u2192 el\u0151sz\u00f6r ezeket jav\u00edtsd ki; a leromlott m\u00f3d\u00fa szab\u00e1lyzatokat neh\u00e9z megv\u00e9deni n\u00e9lk\u00fcl\u00fck<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n<h2>Gyakorlati felel\u0151ss\u00e9gi m\u00e1trix (a kimarad\u00e1sok megel\u0151z\u00e9s\u00e9re szolg\u00e1l\u00f3 hat\u00e1rok)<\/h2>\n<table style=\"border-collapse: collapse; width: 100%;\" border=\"1\" cellspacing=\"0\" cellpadding=\"8\">\n<thead>\n<tr>\n<th>Szerep<\/th>\n<th>Kibocs\u00e1t\u00e1s<\/th>\n<th>\u00c9rv\u00e9nyes\u00edt\u00e9s<\/th>\n<th>Jelent\u00e9st\u00e9tel<\/th>\n<th>Friss\u00edtse a ritmust<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><strong>CPO-k<\/strong><\/td>\n<td>TLS\/identit\u00e1sstrat\u00e9gia; automatiz\u00e1lt meg\u00faj\u00edt\u00e1s kik\u00e9nyszer\u00edt\u00e9se; v\u00e9gpont-lelt\u00e1r karbantart\u00e1sa; CA \u00e1t\u00e1ll\u00e1si viselked\u00e9s\u00e9nek megtervez\u00e9se (199 napos kibocs\u00e1t\u00e1s febru\u00e1r 24-t\u0151l a DigiCert sz\u00e1m\u00e1ra)<\/td>\n<td>Hard\/soft-fail szab\u00e1lyzat meghat\u00e1roz\u00e1sa; visszavon\u00e1si artifaktumok frissess\u00e9ge; <strong>Id\u0151szinkroniz\u00e1l\u00e1s ir\u00e1ny\u00edt\u00e1sa<\/strong> (NTP\/PTP, sodr\u00f3d\u00e1sfigyel\u00e9s, riaszt\u00e1sok)<\/td>\n<td>Incidens-forgat\u00f3k\u00f6nyvek m\u0171k\u00f6dtet\u00e9se; CRA-kkal \u00f6sszehangolt jelent\u00e9st\u00e9teli k\u00e9szenl\u00e9t el\u0151mozd\u00edt\u00e1sa (24\/72\/v\u00e9gleges)<\/td>\n<td>Folyamatos lej\u00e1ratfigyel\u00e9s; bizalmi t\u00e1rol\u00f3 friss\u00edt\u00e9se; v\u00e9szhelyzeti bizalmi horgonym\u00f3dos\u00edt\u00e1sok; id\u0151szinkron auditok<\/td>\n<\/tr>\n<tr>\n<td><strong>EVSE OEM-ek<\/strong><\/td>\n<td>Hardveralap\u00fa kulcst\u00e1rol\u00e1s; eszk\u00f6zazonoss\u00e1g-ellen\u0151rz\u00e9s; automatiz\u00e1l\u00e1si hookok; biztons\u00e1gos rendszerind\u00edt\u00e1si\/friss\u00edt\u00e9si primit\u00edvek<\/td>\n<td>TLS-poz\u00edci\u00f3; l\u00e1nc\u00e9p\u00edt\u00e9s; visszavon\u00e1si viselked\u00e9s; megb\u00edzhat\u00f3 t\u00e1rol\u00f3k kezel\u00e9se; biztons\u00e1gos rendszerind\u00edt\u00e1s + biztons\u00e1gos firmware-friss\u00edt\u00e9si l\u00e1nc<\/td>\n<td>Term\u00e9k sebezhet\u0151s\u00e9geinek kezel\u00e9se; tan\u00e1csad\u00e1s; jav\u00edt\u00f3csomagok; \u00fczemeltet\u0151i jelent\u00e9sek t\u00e1mogat\u00e1sa technikai t\u00e9nyekkel<\/td>\n<td>Rendszeres kiad\u00e1sok + v\u00e9szhelyzeti jav\u00edt\u00e1sok; meghat\u00e1rozott t\u00e1mogat\u00e1si ablakok; kulcsrot\u00e1ci\u00f3s \u00fatmutat\u00f3k<\/td>\n<\/tr>\n<tr>\n<td><strong>H\u00e1tt\u00e9r-\/V2G PKI-szolg\u00e1ltat\u00f3k<\/strong><\/td>\n<td>Szerz\u0151d\u00e9ses \u00f6kosziszt\u00e9ma kibocs\u00e1t\u00e1sa (ahol a hat\u00f3k\u00f6rbe tartozik); CA\/RA m\u0171veletek; kibocs\u00e1t\u00e1si szab\u00e1lyzat<\/td>\n<td>H\u00e1tt\u00e9rellen\u0151rz\u00e9s; OCSP\/CRL el\u00e9rhet\u0151s\u00e9ge; bizalmi horgonyok ir\u00e1ny\u00edt\u00e1sa<\/td>\n<td>Incidens\/sebezhet\u0151s\u00e9gi adatok megad\u00e1sa; CRA \u00fctemterv bizony\u00edt\u00e9kcsomagok t\u00e1mogat\u00e1sa<\/td>\n<td>Gyakori szab\u00e1lyzat-\/bizalmi horgonyfriss\u00edt\u00e9sek; OCSP\/CRL rugalmass\u00e1g\u00e1nak fejleszt\u00e9se; folyamatos monitoroz\u00e1s<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h2>Sz\u00f3jegyz\u00e9k<\/h2>\n<ul>\n<li><strong>PKI:<\/strong> Nyilv\u00e1nos kulcs\u00fa infrastrukt\u00fara (kibocs\u00e1t\u00e1s, valid\u00e1l\u00e1s, bizalmi horgonyok, visszavon\u00e1s)<\/li>\n<li><strong>CS\u00daCSPONT:<\/strong> Automatiz\u00e1lt tan\u00fas\u00edtv\u00e1nykezel\u0151 k\u00f6rnyezet (automatiz\u00e1lt kibocs\u00e1t\u00e1s\/meg\u00faj\u00edt\u00e1s)<\/li>\n<li><strong>OCSP \/ CRL:<\/strong> Online tan\u00fas\u00edtv\u00e1ny\u00e1llapot-protokoll \/ Tan\u00fas\u00edtv\u00e1ny-visszavon\u00e1si lista<\/li>\n<li><strong>OCSP t\u0171z\u00e9s:<\/strong> A szerver visszavon\u00e1si bizony\u00edt\u00e9kot k\u00edn\u00e1l az \u00e9l\u0151 OCSP-f\u00fcgg\u0151s\u00e9g cs\u00f6kkent\u00e9se \u00e9rdek\u00e9ben.<\/li>\n<li><strong>Bizalmi horgonyok:<\/strong> A valid\u00e1torok \u00e1ltal megb\u00edzhat\u00f3 gy\u00f6k\u00e9r-\/k\u00f6ztes tan\u00fas\u00edtv\u00e1nyok<\/li>\n<li><strong>SBOM:<\/strong> Szoftver anyagjegyz\u00e9ke (komponenslelt\u00e1r a sebezhet\u0151s\u00e9gek hat\u00f3k\u00f6r\u00e9nek meghat\u00e1roz\u00e1s\u00e1hoz)<\/li>\n<li><strong>BOSSZANT:<\/strong> Sebezhet\u0151s\u00e9gi Kihaszn\u00e1lhat\u00f3s\u00e1gi eXchange (kihaszn\u00e1lhat\u00f3s\u00e1gi \u00e1llapotjelent\u00e9sek)<\/li>\n<li><strong>TLS 1.3:<\/strong> Modern TLS profil; a k\u00e9zfog\u00e1s + a tan\u00fas\u00edtv\u00e1ny\u00e9rv\u00e9nyes\u00edt\u00e9s tov\u00e1bbra is k\u00e9sleltet\u00e9s-\u00e9rz\u00e9keny<\/li>\n<li><strong>VMP:<\/strong> Sebezhet\u0151s\u00e9gkezel\u00e9si folyamat (felv\u00e9tel, priorit\u00e1si sorrend, jav\u00edt\u00e1s, jelent\u00e9st\u00e9tel, bizony\u00edt\u00e9kok)<\/li>\n<\/ul>\n<h2>El\u0151retekint\u0151 kock\u00e1zat: Kriptoagilit\u00e1s \u00e9s PQC-felk\u00e9sz\u00fclts\u00e9g<\/h2>\n<p>M\u00edg 2026-ot a r\u00f6vid TLS-\u00e9lettartamok \u00e9s a CRA-jelent\u00e9sek uralj\u00e1k, a t\u00f6lt\u0151infrastrukt\u00far\u00e1knak el kell kezdeni\u00fck az \u00e9rt\u00e9kel\u00e9st<br \/>\n<strong>kriptoagilit\u00e1s<\/strong>Hossz\u00fa \u00e9lettartam\u00fa eszk\u00f6z\u00f6k (j\u00e1rm\u0171vek \u00e9s t\u00f6lt\u0151k) eset\u00e9ben az architekt\u00far\u00e1knak el kell ker\u00fclni\u00fck a hardverf\u00fcgg\u0151s\u00e9get az\u00e1ltal, hogy biztos\u00edtj\u00e1k a k\u00f6vetkez\u0151ket:<br \/>\nA HSM\/biztons\u00e1gos elemek \u00e9s a be\u00e1gyazott csomagok hardverfriss\u00edt\u00e9s n\u00e9lk\u00fcl is t\u00e1mogatni tudj\u00e1k a j\u00f6v\u0151beli algoritmus- \u00e9s tan\u00fas\u00edtv\u00e1nyprofil-friss\u00edt\u00e9seket.<\/p>\n<h2>GYIK<\/h2>\n<h3>M\u0171k\u00f6dhet offline is a Plug &amp; Charge?<\/h3>\n<p>R\u00e9szben \u2013 tervez\u00e9si okokb\u00f3l. Az offline P&amp;C (Programoz\u00e1s \u00e9s Biztons\u00e1g) szab\u00e1lyozott degrad\u00e1ci\u00f3t eredm\u00e9nyez helyi bizalmi gyors\u00edt\u00f3t\u00e1r haszn\u00e1lat\u00e1val (horgonyok\/k\u00f6ztes elemek\/CRL-ek, ahol lehets\u00e9ges).<br \/>\nexplicit t\u00fcrelmi szab\u00e1lyzatok \u00e9s pufferelt auditnapl\u00f3k az egyeztet\u00e9shez. Nem ker\u00fclheti meg a PKI-t; cs\u00f6kkentenie kell az \u00e9l\u0151 felh\u0151f\u00fcgg\u0151s\u00e9get<br \/>\nmik\u00f6zben meg\u0151rzi az integrit\u00e1st \u00e9s az audit\u00e1lhat\u00f3s\u00e1got.<\/p>\n<h3>Milyen gyakran kell meg\u00faj\u00edtanunk a 199\/200 napos \u00e9lettartam\u00fa tan\u00fas\u00edtv\u00e1nyokat?<\/h3>\n<p>Tervezzen \u00e9vente t\u00f6bb meg\u00faj\u00edt\u00e1si ciklust v\u00e9gpontonk\u00e9nt. Sok \u00fczemeltet\u0151 sz\u00e1m\u00e1ra az \u00fczembe helyez\u00e9si id\u0151szak a k\u00f6vetkez\u0151 id\u0151pontban kezd\u0151dik:<br \/>\n<strong>2026. febru\u00e1r 24.<\/strong> mivel a DigiCert maxim\u00e1lisan nyilv\u00e1nos TLS-tan\u00fas\u00edtv\u00e1nyokat fog kibocs\u00e1tani <strong>199 napos<\/strong> \u00e9rv\u00e9nyess\u00e9ge ett\u0151l a d\u00e1tumt\u00f3l.<br \/>\nA t\u00e1gabb \u00f6kosziszt\u00e9ma szintj\u00e9n az alapk\u00f6vetelm\u00e9nyek fokozatos cs\u00f6kkent\u00e9st hat\u00e1roznak meg a <strong>200\/100\/47 nap<\/strong>.<\/p>\n<h3>Mi okozza a hitelmin\u0151s\u00edt\u0151 int\u00e9zetek jelent\u00e9st\u00e9teli k\u00f6telezetts\u00e9g\u00e9t?<\/h3>\n<p>A hitelmin\u0151s\u00edt\u0151 int\u00e9zetek jelent\u00e9st\u00e9teli szab\u00e1lyai el\u0151\u00edrj\u00e1k <strong>24 \u00f3r\u00e1s korai figyelmeztet\u00e9s<\/strong> \u00e9s <strong>72 \u00f3r\u00e1s \u00e9rtes\u00edt\u00e9s<\/strong> akt\u00edvan kihaszn\u00e1lt sebezhet\u0151s\u00e9gek \u00e9s s\u00falyos incidensek eset\u00e9n,<br \/>\nplusz a v\u00e9gs\u0151 jelent\u00e9si id\u0151szakok. A nagym\u00e9rt\u00e9k\u0171 P&amp;C bizalom megzavar\u00e1sa (pl. rosszindulat\u00fa visszavon\u00e1s vagy \u00e9rv\u00e9nyes\u00edt\u00e9si kompromitt\u00e1l\u00e1s) a jogosults\u00e1g f\u00fcggv\u00e9ny\u00e9ben min\u0151s\u00fclhet.<br \/>\nhat\u00e1s- \u00e9s hasznos\u00edt\u00e1si bizony\u00edt\u00e9kokon alapul; egy CRA-k\u00e9sz VMP-nek t\u00e1mogatnia kell <strong>SBOM + VEX + flottak\u00e9szlet<\/strong> az els\u0151 24 \u00f3r\u00e1n bel\u00fcli hat\u00f3k\u00f6r-felm\u00e9r\u00e9s.<\/p>\n<\/article>","protected":false},"excerpt":{"rendered":"<p>TL;DR (Executive Action Summary) TLS cutover is a hard boundary (not a suggestion): From February 24, 2026, DigiCert will stop accepting public TLS certificate requests with validity greater than 199 days, and certificates issued from that date have a 199-day maximum validity. This is the practical cutover for many operators\u2014renewal velocity increases immediately. The 200\u2192100\u219247-day [&hellip;]<\/p>","protected":false},"author":3,"featured_media":37917,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[143,142,158,146,151,152,159,157,99,153,141,147,149,150,145,98,154,144,148,155,156],"class_list":["post-38532","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog","tag-acme","tag-certificate-lifecycle","tag-cra-compliance","tag-crl","tag-cross-signing","tag-edge-proxy","tag-ev-charging-infrastructure-2026","tag-evse-security","tag-iso-15118","tag-local-controller","tag-ocsp","tag-ocsp-stapling","tag-offline-charging","tag-path-validation","tag-pki","tag-plug-charge","tag-sbom","tag-tls-1-3","tag-trust-anchors","tag-vex","tag-vulnerability-management"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>ISO 15118 Certificate Lifecycle Management in 2026 (TLS 199\/200-Day + CRA 24h\/72h)<\/title>\n<meta name=\"description\" content=\"Manage ISO 15118 certificates in 2026: 199\/200-day TLS renewals, ACME automation, revocation failures (OCSP\/CRL), offline Plug &amp; Charge, and CRA 24h\/72h reporting readiness.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.evb.com\/hu\/iso-15118-certificate-lifecycle-management-in-2026-from-tls-urgency-to-cra-compliance\/\" \/>\n<meta property=\"og:locale\" content=\"hu_HU\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"ISO 15118 Certificate Lifecycle Management in 2026 (TLS 199\/200-Day + CRA 24h\/72h)\" \/>\n<meta property=\"og:description\" content=\"Manage ISO 15118 certificates in 2026: 199\/200-day TLS renewals, ACME automation, revocation failures (OCSP\/CRL), offline Plug &amp; Charge, and CRA 24h\/72h reporting readiness.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.evb.com\/hu\/iso-15118-certificate-lifecycle-management-in-2026-from-tls-urgency-to-cra-compliance\/\" \/>\n<meta property=\"og:site_name\" content=\"EVB\" \/>\n<meta property=\"article:published_time\" content=\"2026-01-12T07:13:14+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-01-16T12:39:19+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.evb.com\/wp-content\/uploads\/2025\/12\/EVB-4-Guns-480kw-dc-ev-charger-with-energy-storage-battery.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"1280\" \/>\n\t<meta property=\"og:image:height\" content=\"721\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/webp\" \/>\n<meta name=\"author\" content=\"evb\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Szerz\u0151:\" \/>\n\t<meta name=\"twitter:data1\" content=\"evb\" \/>\n\t<meta name=\"twitter:label2\" content=\"Becs\u00fclt olvas\u00e1si id\u0151\" \/>\n\t<meta name=\"twitter:data2\" content=\"11 perc\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":[\"Article\",\"BlogPosting\"],\"@id\":\"https:\\\/\\\/www.evb.com\\\/iso-15118-certificate-lifecycle-management-in-2026-from-tls-urgency-to-cra-compliance\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.evb.com\\\/iso-15118-certificate-lifecycle-management-in-2026-from-tls-urgency-to-cra-compliance\\\/\"},\"author\":{\"name\":\"evb\",\"@id\":\"https:\\\/\\\/www.evb.com\\\/#\\\/schema\\\/person\\\/fe8f0137976034abdfd2ae4f8c5682d0\"},\"headline\":\"ISO 15118 Certificate Lifecycle Management in 2026: From TLS Urgency to CRA Compliance\",\"datePublished\":\"2026-01-12T07:13:14+00:00\",\"dateModified\":\"2026-01-16T12:39:19+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.evb.com\\\/iso-15118-certificate-lifecycle-management-in-2026-from-tls-urgency-to-cra-compliance\\\/\"},\"wordCount\":2523,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.evb.com\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.evb.com\\\/iso-15118-certificate-lifecycle-management-in-2026-from-tls-urgency-to-cra-compliance\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.evb.com\\\/wp-content\\\/uploads\\\/2025\\\/12\\\/EVB-4-Guns-480kw-dc-ev-charger-with-energy-storage-battery.webp\",\"keywords\":[\"ACME\",\"Certificate Lifecycle\",\"CRA Compliance\",\"CRL\",\"Cross-signing\",\"Edge Proxy\",\"EV Charging Infrastructure 2026\",\"EVSE Security\",\"ISO 15118\",\"Local Controller\",\"OCSP\",\"OCSP Stapling\",\"Offline Charging\",\"Path Validation\",\"PKI\",\"Plug &amp; Charge\",\"SBOM\",\"TLS 1.3\",\"Trust Anchors\",\"VEX\",\"Vulnerability Management\"],\"articleSection\":[\"Blog\"],\"inLanguage\":\"hu\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.evb.com\\\/iso-15118-certificate-lifecycle-management-in-2026-from-tls-urgency-to-cra-compliance\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.evb.com\\\/iso-15118-certificate-lifecycle-management-in-2026-from-tls-urgency-to-cra-compliance\\\/\",\"url\":\"https:\\\/\\\/www.evb.com\\\/iso-15118-certificate-lifecycle-management-in-2026-from-tls-urgency-to-cra-compliance\\\/\",\"name\":\"ISO 15118 Certificate Lifecycle Management in 2026 (TLS 199\\\/200-Day + CRA 24h\\\/72h)\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.evb.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.evb.com\\\/iso-15118-certificate-lifecycle-management-in-2026-from-tls-urgency-to-cra-compliance\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.evb.com\\\/iso-15118-certificate-lifecycle-management-in-2026-from-tls-urgency-to-cra-compliance\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.evb.com\\\/wp-content\\\/uploads\\\/2025\\\/12\\\/EVB-4-Guns-480kw-dc-ev-charger-with-energy-storage-battery.webp\",\"datePublished\":\"2026-01-12T07:13:14+00:00\",\"dateModified\":\"2026-01-16T12:39:19+00:00\",\"description\":\"Manage ISO 15118 certificates in 2026: 199\\\/200-day TLS renewals, ACME automation, revocation failures (OCSP\\\/CRL), offline Plug & Charge, and CRA 24h\\\/72h reporting readiness.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.evb.com\\\/iso-15118-certificate-lifecycle-management-in-2026-from-tls-urgency-to-cra-compliance\\\/#breadcrumb\"},\"inLanguage\":\"hu\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.evb.com\\\/iso-15118-certificate-lifecycle-management-in-2026-from-tls-urgency-to-cra-compliance\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"hu\",\"@id\":\"https:\\\/\\\/www.evb.com\\\/iso-15118-certificate-lifecycle-management-in-2026-from-tls-urgency-to-cra-compliance\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.evb.com\\\/wp-content\\\/uploads\\\/2025\\\/12\\\/EVB-4-Guns-480kw-dc-ev-charger-with-energy-storage-battery.webp\",\"contentUrl\":\"https:\\\/\\\/www.evb.com\\\/wp-content\\\/uploads\\\/2025\\\/12\\\/EVB-4-Guns-480kw-dc-ev-charger-with-energy-storage-battery.webp\",\"width\":1280,\"height\":721,\"caption\":\"EVB 4 Guns 480kw dc ev charger with energy storage battery\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.evb.com\\\/iso-15118-certificate-lifecycle-management-in-2026-from-tls-urgency-to-cra-compliance\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.evb.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"ISO 15118 Certificate Lifecycle Management in 2026: From TLS Urgency to CRA Compliance\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.evb.com\\\/#website\",\"url\":\"https:\\\/\\\/www.evb.com\\\/\",\"name\":\"EVB\",\"description\":\"Smart EV Charging &amp; Energy Storage Solutions\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.evb.com\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.evb.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"hu\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.evb.com\\\/#organization\",\"name\":\"EVB\",\"url\":\"https:\\\/\\\/www.evb.com\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"hu\",\"@id\":\"https:\\\/\\\/www.evb.com\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.evb.com\\\/wp-content\\\/uploads\\\/2021\\\/03\\\/evb-3.png\",\"contentUrl\":\"https:\\\/\\\/www.evb.com\\\/wp-content\\\/uploads\\\/2021\\\/03\\\/evb-3.png\",\"width\":605,\"height\":626,\"caption\":\"EVB\"},\"image\":{\"@id\":\"https:\\\/\\\/www.evb.com\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.evb.com\\\/#\\\/schema\\\/person\\\/fe8f0137976034abdfd2ae4f8c5682d0\",\"name\":\"evb\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"hu\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/6919cc4e91e3745783933e1263b15b0bed21b5e46f2b1e21643aa8b29240d0f7?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/6919cc4e91e3745783933e1263b15b0bed21b5e46f2b1e21643aa8b29240d0f7?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/6919cc4e91e3745783933e1263b15b0bed21b5e46f2b1e21643aa8b29240d0f7?s=96&d=mm&r=g\",\"caption\":\"evb\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"ISO 15118 Certificate Lifecycle Management in 2026 (TLS 199\/200-Day + CRA 24h\/72h)","description":"Manage ISO 15118 certificates in 2026: 199\/200-day TLS renewals, ACME automation, revocation failures (OCSP\/CRL), offline Plug & Charge, and CRA 24h\/72h reporting readiness.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.evb.com\/hu\/iso-15118-certificate-lifecycle-management-in-2026-from-tls-urgency-to-cra-compliance\/","og_locale":"hu_HU","og_type":"article","og_title":"ISO 15118 Certificate Lifecycle Management in 2026 (TLS 199\/200-Day + CRA 24h\/72h)","og_description":"Manage ISO 15118 certificates in 2026: 199\/200-day TLS renewals, ACME automation, revocation failures (OCSP\/CRL), offline Plug & Charge, and CRA 24h\/72h reporting readiness.","og_url":"https:\/\/www.evb.com\/hu\/iso-15118-certificate-lifecycle-management-in-2026-from-tls-urgency-to-cra-compliance\/","og_site_name":"EVB","article_published_time":"2026-01-12T07:13:14+00:00","article_modified_time":"2026-01-16T12:39:19+00:00","og_image":[{"width":1280,"height":721,"url":"https:\/\/www.evb.com\/wp-content\/uploads\/2025\/12\/EVB-4-Guns-480kw-dc-ev-charger-with-energy-storage-battery.webp","type":"image\/webp"}],"author":"evb","twitter_card":"summary_large_image","twitter_misc":{"Szerz\u0151:":"evb","Becs\u00fclt olvas\u00e1si id\u0151":"11 perc"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":["Article","BlogPosting"],"@id":"https:\/\/www.evb.com\/iso-15118-certificate-lifecycle-management-in-2026-from-tls-urgency-to-cra-compliance\/#article","isPartOf":{"@id":"https:\/\/www.evb.com\/iso-15118-certificate-lifecycle-management-in-2026-from-tls-urgency-to-cra-compliance\/"},"author":{"name":"evb","@id":"https:\/\/www.evb.com\/#\/schema\/person\/fe8f0137976034abdfd2ae4f8c5682d0"},"headline":"ISO 15118 Certificate Lifecycle Management in 2026: From TLS Urgency to CRA Compliance","datePublished":"2026-01-12T07:13:14+00:00","dateModified":"2026-01-16T12:39:19+00:00","mainEntityOfPage":{"@id":"https:\/\/www.evb.com\/iso-15118-certificate-lifecycle-management-in-2026-from-tls-urgency-to-cra-compliance\/"},"wordCount":2523,"commentCount":0,"publisher":{"@id":"https:\/\/www.evb.com\/#organization"},"image":{"@id":"https:\/\/www.evb.com\/iso-15118-certificate-lifecycle-management-in-2026-from-tls-urgency-to-cra-compliance\/#primaryimage"},"thumbnailUrl":"https:\/\/www.evb.com\/wp-content\/uploads\/2025\/12\/EVB-4-Guns-480kw-dc-ev-charger-with-energy-storage-battery.webp","keywords":["ACME","Certificate Lifecycle","CRA Compliance","CRL","Cross-signing","Edge Proxy","EV Charging Infrastructure 2026","EVSE Security","ISO 15118","Local Controller","OCSP","OCSP Stapling","Offline Charging","Path Validation","PKI","Plug &amp; Charge","SBOM","TLS 1.3","Trust Anchors","VEX","Vulnerability Management"],"articleSection":["Blog"],"inLanguage":"hu","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.evb.com\/iso-15118-certificate-lifecycle-management-in-2026-from-tls-urgency-to-cra-compliance\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.evb.com\/iso-15118-certificate-lifecycle-management-in-2026-from-tls-urgency-to-cra-compliance\/","url":"https:\/\/www.evb.com\/iso-15118-certificate-lifecycle-management-in-2026-from-tls-urgency-to-cra-compliance\/","name":"ISO 15118 Certificate Lifecycle Management in 2026 (TLS 199\/200-Day + CRA 24h\/72h)","isPartOf":{"@id":"https:\/\/www.evb.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.evb.com\/iso-15118-certificate-lifecycle-management-in-2026-from-tls-urgency-to-cra-compliance\/#primaryimage"},"image":{"@id":"https:\/\/www.evb.com\/iso-15118-certificate-lifecycle-management-in-2026-from-tls-urgency-to-cra-compliance\/#primaryimage"},"thumbnailUrl":"https:\/\/www.evb.com\/wp-content\/uploads\/2025\/12\/EVB-4-Guns-480kw-dc-ev-charger-with-energy-storage-battery.webp","datePublished":"2026-01-12T07:13:14+00:00","dateModified":"2026-01-16T12:39:19+00:00","description":"Manage ISO 15118 certificates in 2026: 199\/200-day TLS renewals, ACME automation, revocation failures (OCSP\/CRL), offline Plug & Charge, and CRA 24h\/72h reporting readiness.","breadcrumb":{"@id":"https:\/\/www.evb.com\/iso-15118-certificate-lifecycle-management-in-2026-from-tls-urgency-to-cra-compliance\/#breadcrumb"},"inLanguage":"hu","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.evb.com\/iso-15118-certificate-lifecycle-management-in-2026-from-tls-urgency-to-cra-compliance\/"]}]},{"@type":"ImageObject","inLanguage":"hu","@id":"https:\/\/www.evb.com\/iso-15118-certificate-lifecycle-management-in-2026-from-tls-urgency-to-cra-compliance\/#primaryimage","url":"https:\/\/www.evb.com\/wp-content\/uploads\/2025\/12\/EVB-4-Guns-480kw-dc-ev-charger-with-energy-storage-battery.webp","contentUrl":"https:\/\/www.evb.com\/wp-content\/uploads\/2025\/12\/EVB-4-Guns-480kw-dc-ev-charger-with-energy-storage-battery.webp","width":1280,"height":721,"caption":"EVB 4 Guns 480kw dc ev charger with energy storage battery"},{"@type":"BreadcrumbList","@id":"https:\/\/www.evb.com\/iso-15118-certificate-lifecycle-management-in-2026-from-tls-urgency-to-cra-compliance\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.evb.com\/"},{"@type":"ListItem","position":2,"name":"ISO 15118 Certificate Lifecycle Management in 2026: From TLS Urgency to CRA Compliance"}]},{"@type":"WebSite","@id":"https:\/\/www.evb.com\/#website","url":"https:\/\/www.evb.com\/","name":"EVB","description":"Smart EV Charging &amp; Energy Storage Solutions","publisher":{"@id":"https:\/\/www.evb.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.evb.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"hu"},{"@type":"Organization","@id":"https:\/\/www.evb.com\/#organization","name":"EVB","url":"https:\/\/www.evb.com\/","logo":{"@type":"ImageObject","inLanguage":"hu","@id":"https:\/\/www.evb.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.evb.com\/wp-content\/uploads\/2021\/03\/evb-3.png","contentUrl":"https:\/\/www.evb.com\/wp-content\/uploads\/2021\/03\/evb-3.png","width":605,"height":626,"caption":"EVB"},"image":{"@id":"https:\/\/www.evb.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.evb.com\/#\/schema\/person\/fe8f0137976034abdfd2ae4f8c5682d0","name":"evb","image":{"@type":"ImageObject","inLanguage":"hu","@id":"https:\/\/secure.gravatar.com\/avatar\/6919cc4e91e3745783933e1263b15b0bed21b5e46f2b1e21643aa8b29240d0f7?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/6919cc4e91e3745783933e1263b15b0bed21b5e46f2b1e21643aa8b29240d0f7?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/6919cc4e91e3745783933e1263b15b0bed21b5e46f2b1e21643aa8b29240d0f7?s=96&d=mm&r=g","caption":"evb"}}]}},"_links":{"self":[{"href":"https:\/\/www.evb.com\/hu\/wp-json\/wp\/v2\/posts\/38532","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.evb.com\/hu\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.evb.com\/hu\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.evb.com\/hu\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.evb.com\/hu\/wp-json\/wp\/v2\/comments?post=38532"}],"version-history":[{"count":5,"href":"https:\/\/www.evb.com\/hu\/wp-json\/wp\/v2\/posts\/38532\/revisions"}],"predecessor-version":[{"id":38581,"href":"https:\/\/www.evb.com\/hu\/wp-json\/wp\/v2\/posts\/38532\/revisions\/38581"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.evb.com\/hu\/wp-json\/wp\/v2\/media\/37917"}],"wp:attachment":[{"href":"https:\/\/www.evb.com\/hu\/wp-json\/wp\/v2\/media?parent=38532"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.evb.com\/hu\/wp-json\/wp\/v2\/categories?post=38532"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.evb.com\/hu\/wp-json\/wp\/v2\/tags?post=38532"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}