Q and A on STI Test Plan

PreviousStir/Shaken Compliance Guide NextSTI-PA-TC-026

Last updated 2 years ago

Q and A on STI Test Plan

Test Plan ID

Tes Plan Description

What To Do

STI-PA-TC-005

SP Portal First Time Login

Access to http:// to check if you can login. If you can login successfully, then you can specify your test result as "Expected Result was observed."

STI-PA-TC-006

CA Portal First Time Login

Ignore

STI-PA-TC-007

SP Portal Normal Login

Logout from and attempt to log back into the site again. If you can login successfully, then you can specify your test result as "Expected Result was observed."

STI-PA-TC-008

CA Portal Normal Login

Ignore

STI-PA-TC-009

Password Reset

Go to and click on "Forgot Password?" If you are able to change password, then you can specify your test result as "Expected Result was observed."

STI-PA-TC-012

Create Additional SP Admin Users

Login to and go to "User" page. You should try to create a new Admin User for your Service Provider account. If you are able to create a new SP Admin User, then you can specify your test result as "Expected Result was observed."

STI-PA-TC-013

Create SP API User

Login to and go to "User" page. You should try to create a new API User for your Service Provider account. In the Create User page, there is an option for "API User" and you should select that. If you are able to create a new SP API User, then you can specify your test result as "Expected Result was observed."

STI-PA-TC-014

Add additional SPC to an existing account

STI-PA-TC-018

Add new STI-CA Root Certificate; also includes retrieval of caList

Ignore

STI-PA-TC-019

1) Obtain STI-PA public certificate; 2) Verify caList signature

Downloading Trust CA List using URL: https://authenticate-api-stg.iconectiv.com/api/v1/ca-list

STI-PA-TC-020

Remove an STI-CA root certificate; verify caList is updated

Ignore

STI-PA-TC-021

Verify CRL URL is contained in the SPCToken response

Sending SPC request using URL: https://authenticate-api-stg.iconectiv.com/api/v1/account/211K/token

STI-PA-TC-022

SP can revoke an STI cerficiate; verify revoked certificate is added to CRL

Login to and go to Revoke Certificate page. You need to verify you can revoke a certificate that you created. When you signup with Peeringhub, you will be able to use Peeringhub's staging environment to create staging certificate and then use the iConnectiv portal to revoke the created certificate.

STI-PA-TC-023

CA can revoke an STI cerficiate; verify revoked certificate is added to CRL

Ignore

STI-PA-TC-024

CRL Download; verify the CRL signature

Downloading CRL from iConnectiv staging server with the following API: https://authenticate-api-stg.iconectiv.com/download/v1/crl

STI-PA-TC-025

SPC Token request

Sending SPC request using the following URL: https://authenticate-api-stg.iconectiv.com/api/v1/account/<OCN>/token/

STI-PA-TC-026

verify SPC Token JWT; use x5u URL to download the STI-PA public cert

Validating SPC signature using API : https://authenticate-api-stg.iconectiv.com/download/v1/certificate/certificateId_97574.crt

PreviousStir/Shaken Compliance Guide NextSTI-PA-TC-026

Last updated 2 years ago

Test Plan ID

Tes Plan Description

What To Do

STI-PA-TC-005

SP Portal First Time Login

Access to http:// to check if you can login. If you can login successfully, then you can specify your test result as "Expected Result was observed."

STI-PA-TC-006

CA Portal First Time Login

Ignore

STI-PA-TC-007

SP Portal Normal Login

Logout from and attempt to log back into the site again. If you can login successfully, then you can specify your test result as "Expected Result was observed."

STI-PA-TC-008

CA Portal Normal Login

Ignore

STI-PA-TC-009

Password Reset

Go to and click on "Forgot Password?" If you are able to change password, then you can specify your test result as "Expected Result was observed."

STI-PA-TC-012

Create Additional SP Admin Users

STI-PA-TC-013

Create SP API User

STI-PA-TC-014

Add additional SPC to an existing account

STI-PA-TC-018

Add new STI-CA Root Certificate; also includes retrieval of caList

Ignore

STI-PA-TC-019

1) Obtain STI-PA public certificate; 2) Verify caList signature

Downloading Trust CA List using URL: https://authenticate-api-stg.iconectiv.com/api/v1/ca-list

STI-PA-TC-020

Remove an STI-CA root certificate; verify caList is updated

Ignore

STI-PA-TC-021

Verify CRL URL is contained in the SPCToken response

Sending SPC request using URL: https://authenticate-api-stg.iconectiv.com/api/v1/account/211K/token

STI-PA-TC-022

SP can revoke an STI cerficiate; verify revoked certificate is added to CRL

STI-PA-TC-023

CA can revoke an STI cerficiate; verify revoked certificate is added to CRL

Ignore

STI-PA-TC-024

CRL Download; verify the CRL signature

Downloading CRL from iConnectiv staging server with the following API: https://authenticate-api-stg.iconectiv.com/download/v1/crl

STI-PA-TC-025

SPC Token request

Sending SPC request using the following URL: https://authenticate-api-stg.iconectiv.com/api/v1/account/<OCN>/token/

STI-PA-TC-026

verify SPC Token JWT; use x5u URL to download the STI-PA public cert

Validating SPC signature using API : https://authenticate-api-stg.iconectiv.com/download/v1/certificate/certificateId_97574.crt