Authentication

The Qi 1.3 and 2.0 specifications make it necessary to include public key certificates in EPP and MPP chargers. These certificates, called “Product Unit Certificates” are specified in the “Authentication Protocol” books respectively (WPC Members Only)

Information for Manufacturers of Wireless Chargers

A "Product Unit Certificate" must be embedded in wireless Qi/Ki chargers to enable them to authenticate with power receivers.

Manufacturers who wish to obtain Product Unit Certificates will need to:

1. Sign the "Authentication Agreement for a Manufacturer". A reference copy of the agreement can be found on the page "governing documents". Only members of the WPC can sign this agreement.
2. Procure the Product Unit Certificates from a Manufacturer CA Service Provider.
3. Inform the WPC's license administrator which Manufacturer CA Service Provider(s) will supply the Product Unit Certificates.

The following companies may provide Product Unit Certificates to manufacturers of wireless chargers that have signed the Qi Authentication Agreement for a Manufacturer.

Information for Manufacturer CA Service Providers

The Manufacturer CA Service Provider User Guide explains the procedure and rules for

1. Signing the "Authentication Agreement for a Manufacturer CA Service Provider"
2. Submitting a Certificate Signing Request (CSR) to the Root CA
3. Verification steps that must be taken before submitting a CSR to the Root CA
4. Verification steps that must be taken before signing Product Unit Certificates

See also: PKI Infrastructure for Authentication (WPC members only)

Manufacturer CA CSR Submission Form

Manufacturer CA Service Providers must use the MCSP Portal to request a certificate from the Root CA Service Provider.

Root CA Signing Events

The Root CA signing events take place via the MCSP portal. Certificate Signing Requests (CSRs) are submitted and the Root CA does signing on a weekly basis. Please allow up to 5 business days to have your CSR processed.

Manufacturer CA Certificates for Testing Purposes

Manufacturer CA Service Providers can obtain certificates for testing purpose from the WPC (please contact the Authentication License Administrator). Product Unit Certificates created with such a certificate for testing purposes must not be used in products.

Qi Root Certificate (WPCCA1)

-----BEGIN CERTIFICATE-----
MIIBLDCB06ADAgECAgh3YRK0EUearDAKBggqhkjOPQQDAjARMQ8wDQYDVQQDDAZX
UENDQTEwIBcNMjEwMzAzMTYwNDAxWhgPOTk5OTEyMzEyMzU5NTlaMBExDzANBgNV
BAMMBldQQ0NBMTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABASEByCzo7F50Gx3
raAARNLPIJvDPONEmgjGf4/1A3NjoEP1kHGQr7e88fymZ8tew+oZ+Wp7QR89jWMw
SC1+KBKjEzARMA8GA1UdEwEB/wQFMAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgacC3
FeLAavaI+bZHo49TZ9UCpvXeVbkFoQJavUJx9GgCIQCfX08/diCuF3TYBLxxmqGb
UFW7ou1N5kD9VPo5W+1duA==
-----END CERTIFICATE-----

Qi Root Certificate Hash

SHA256: A1759ECCA0BE3B850118183ED6CDD6D4A5DB7D83E6FD0E6F475CE4BB6EA01424

SHA1: 99533998A598858DC9EF4A69CD928895705E5F20

Ki Root Certificate (WPCCA2)

-----BEGIN CERTIFICATE---
MIIBLTCB06ADAgECAgg2OI/Yb16ugzAKBggqhkjOPQQDAjARMQ8wDQYDVQQDDAZX
UENDQTIwIBcNMjQwNzE2MDk0NDU2WhgPOTk5OTEyMzEyMzU5NTlaMBExDzANBgNV
BAMMBldQQ0NBMjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABBIJum05wVScp
382Kgv7msqhLs+UyoXOGxslHhOlLcJF9wttcqj5aL3zAN6cW/PFPiJAAAo0K/FNsrx/
wnTc30GjEzARMA8GA1UdEwEB/wQFMAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAJVW
/b+ZgC21osi6vNHDr1tJcEqMoRYPGjlnWRrviT9PAiEAhhueLZP6mQ5XAOPbIUZz
DIFthAWUXv2258Xqj6Vy1eQ=
-----END CERTIFICATE-----

Ki Root Certificate Hash

SHA256: 36316381DC57F64BD741DFEE24A995E8F0B4DA081B47B24007461595AF3F4438

SHA1: FE289B4AEF08F7AFDBC6380AB45058A91BAC85FC

Revocation

The WPC may revoke any certificate that is signed by the Root CA or by Manufacturer CAs.

The WPC may revoke any certificate that is signed by the Root CA or by a Manufacturer CA, following the rules and procedure described in Annex B of the authentication agreements. Reference copies of all agreements can be found on the page "governing documents".

Certificate Revocation List

The latest version of CRL was issued on 2021-06-17: wpccrl_CRL0004_-_signed.xml

Explanation of the CRL

The CRL is an XML file. The schema of the XML is specified in CRL_schema.xsd

The CRL is valid only when signed by the Root CA. The CRL will also be signed by one of two representatives of the WPC, as proof that the CRL was reviewed by the WPC.

The latest version of the CRL is published on this page. It replaces all previously signed CRLs.Always use the latest version.

Each revocation references a "reason" and "decision". The decision is a number can be used to lookup the documentation of the decision to revoke that certificate in the revocation administration.

The "procedureID" in the administration is the same as the "decision" in the CRL. See also the CRL revocation reasons and process steps.pdf.

Certificate Practice Statement

The WPC Root CA CPS describes the practices and procedures used to address all the requirements identified for the WPC Root CA Certificate Policy. This document combines both the CP and the CPS and it forms the Certificate Policy and the Certificate Practice Statement (CPS) for the Wireless Power Consortium Root CA.

Subscribers and relying parties can consult this redacted version of the CP/CPS to obtain details of the requirements addressed by its CP and how the CP is implemented by the WPC Root CA.

This document follows the framework for CP and CPS described in ETSI EN 319 411-1 and RFC 3647.

Contact

For questions and requests, please use the contact the Authentication License Administrator at ala@wirelesspowerconsortium.com.