Enroling in Navelink
- Higher SLA with 24/7 technical monitoring of the system.
- Higher level of support to users.
- Higher stability and longterm availability means more stability of investments.
- Closer cooperation with end users; A system provided by the Users. Ownership of Navelink are themselves big users of Navelink.
No. We will send you a Service Agreement proposal. You commit to Navelink when signing the Service Agreement.
2020/06/23
Navelink REST API
URL to Navelink REST APIs can be found here:
OPERATIONAL environment
Identity Registry API: https://api-x509.navelink.org/x509/api/ | https://api.navelink.org/oidc/api/
Service Registry API: https://serviceregistry.navelink.org/api/
TEST environment
Identity Registry API: https://api-x509.test.navelink.org/x509/api/ | https://api.test.navelink.org/oidc/api/
Service Registry API: https://serviceregistry.test.navelink.org/api/
DEV environment
Identity Registry API: https://api-x509.dev.navelink.org/x509/api/ | https://api.dev.navelink.org/oidc/api/
Service Registry API: https://serviceregistry.dev.navelink.org/api/
2020/10/12
OPERATIONAL environment
Identity Registry API: https://api-x509.navelink.org/x509/api/ | https://api.navelink.org/oidc/api/
Service Registry API: https://serviceregistry.navelink.org/api/
TEST environment
Identity Registry API: https://api-x509.test.navelink.org/x509/api/ | https://api.test.navelink.org/oidc/api/
Service Registry API: https://serviceregistry.test.navelink.org/api/
DEV environment
Identity Registry API: https://api-x509.dev.navelink.org/x509/api/ | https://api.dev.navelink.org/oidc/api/
Service Registry API: https://serviceregistry.dev.navelink.org/api/
2020/10/12
Navelink REST API documentation as OpenAPI (swagger) can be found here:
Identity Registry:
https://api-x509.navelink.org/v3/api-docs |
https://api.navelink.org/v3/api-docs
Service Registry:
https://serviceregistry.navelink.org/v3/api-docs | https://serviceregistry.navelink.org (Swagger UI)
2022/05/17
2022/05/17
PKI – Certificates
Yes, you always own your private part of your key that you use when signing data, and you get your public part signed by Navelink.
A signature is created by calculating a checksum and then encrypting this with your private keys, which you always own. These are strongly recommended to be created by you at your own facility, not by anyone else.
The public part of the key pair is signed by Navelink which enables the receiver to verify the signature against Navelink PKI. Navelink can then verify and respond that this is the signed public part of the claimed sender of data. If the checksum matches, the data integrity and sender is verified and authenticated.
When issuing a certificate in Navelink, you are asked if you want to create your keys in your local browser or by Navelink, select Local. You can also create the key pair in another way at your own facility and then make a Certificate Sign Request to Navelink. Either way you avoid sending the private key on Internet.
2022-12-05
You can find the links to the certificates here.
2022-12-05
There are two different ways to check the validity date on your certificate:
- Through the Management Portal
- Logon to Navelink Management Web Portal.
- Locate your entity and read the validity date of the certificate.
- Check using a Windows built-in function
- Locate your certificate file and change the file extension from .pem to .cer.
- Run the file to open it in Windows certificate application.
- Read the content of the certificate.
- Logon to Navelink Management Web Portal.
- Locate your entity and select Issue Certificate.
- Revoke the old certificate with reason "Superseeded".
Migrating an MCP service to Navelink
- Domain name and links to environments are new for Navelink (navelink.org)
- Hence, URL to search for service instances and get Organizations are changed.
- SSL Certificates for Navelink servers are new and need to be trusted.
- Let’s Encrypt SSL certificates are used on Navelink servers.
- Root certificate in Identity Registry are new for Navelink instances.
- Each issued certificate for identities will have the new Navelink self-signed certificate in its trust chain.
- MRN identities are changed from urn:mrn:stm to urn:mrn:mcp
- The MRNs on the VIS Technical Design has been changed to:
- Navelink DEV: urn:mrn:mcp:service:navelink-dev:navelink:design:vis:rest:2.2
- Navelink TEST: urn:mrn:mcp:service:navelink-test:navelink:design:vis:rest:2.2
- Navelink OPS: urn:mrn:mcp:service:navelink:navelink:design:vis:rest:2.2
- Enrol in Navelink.
- Logon to MCP and download the XML for your Service Instance.
- In your XML file, change the ID to a Navelink MRN;
- Navelink OPS: urn:mrn:mcp:service:navelink:{org}:instance:{name}
- Navelink TEST: urn:mrn:mcp:service:navelink-test:{org}:instance:{name}
- Navelink DEV: urn:mrn:mcp:service:navelink-dev:{org}:instance:{name}
- In your XML file, change the ID for implementsServiceDesign
- Navelink OPS: urn:mrn:mcp:service:navelink:navelink:design:vis:rest:2.2
- Navelink TEST: urn:mrn:mcp:service:navelink-test:navelink:design:vis:rest:2.2
- Navelink DEV: urn:mrn:mcp:service:navelink-dev:navelink:design:vis:rest:2.2
- Logon to the Navelink Management Portal and search for VIS Technical Design
- Create a new instance based on VIS Technical Design
- Upload your edited XML file
- Upload a document
- Issue Certificate
The change of MRN in Identity Registry concerns the identities, hence the service book and possibly authorization data needs to be updated/reloaded.
The UVID (Unique Voyage Number) in the RTZ (vesselVoyage) is not affected by the change from MCP to Navelink. In UVID the MRN urn:mrn:stm will continue to be used.
The MRN identity has also been changed for the VIS Technical Design, so please ensure that this change is reflected in e.g. filter in Find Service.
Update December 2022
The MCP type (org, user, device, vessel and service) will eventually be replaced with “id”.
The change of MRN concerns the formal identifiers stored in Identity Registry, including service MRN. Therefore it will affect the service book and most likely access control lists needs to be updated/reloaded.
The UVID (Unique Voyage Number) in the RTZ (vesselVoyage) and TXT id will not be affected by the change. In UVID the MRN urn:mrn:stm will continue to be used.
2022/12/20
Navelink Management Portal
To change the password you have to use the "forgot password" function on the selected environment. This will send an email to the email account associated with your Navelink user with a temporary password. Use this password to log in. You will be prompted to set a new password when you log in.
2020/09/10
2020/09/10
You choose your own short name, but it must be unique in Navelink and be a representation of your organization’s full name. This will be part of the organization field in Maritime Resource Naming (MRN) and used for all MRN identifiers created within the organization (users, vessels, services etc). Allowed characters are: a-z (lower case) 0–9 (3–10 characters). It is typically kept short.
Updated 2022-12-06
There is a procedure defined in Navelink for releasing service instances in OPERATIONAL environment that includes a special protocol and request before set to status=released.
Release in DEV and TEST does not require protocol to be released.
2020/06/23
Service registrations will be automatically monitored in Navelink against the guidelines. Deviations will be reported directly to the registered person.
2020/06/23
Voyage Information Service
Please contact info@navelink.org
2020/06/23