DIVOC
DIVOC 3.0
DIVOC WikiDIVOC 3.0DIVOC 3.1DIVOC 3.5
DIVOC 3.0
DIVOC WikiDIVOC 3.0DIVOC 3.1DIVOC 3.5
  • Introduction to DIVOC
    • What DIVOC is and what it's not
    • DIVOC Docs Index
  • Platform
    • Release Notes
      • DIVOC 2.0 Release Features
      • DIVOC 3.0 Release Features
    • Specification
      • API Documentation
      • Setting up DIVOC development environment
    • DIVOC's Verifiable Certificate Features 2.0
      • Creating a DIVOC Certificate
        • Overview of DIVOC’s digital certificates
        • What information is included in the DIVOC certificate?
        • DIVOC’s certificate generation service: How does it work?
        • Compliance with internationally used COVID-19 certificate schemas
      • Distributing a DIVOC Certificate
      • Updating a DIVOC Certificate
      • Revoking a DIVOC Certificate
      • Verifying a DIVOC Certificate
      • DIVOC's Native COVID-19 Certificate Specification
      • DIVOC’s EU-DCC Adapter Service
      • DIVOC’s SHC Adapter Service
      • Adding a User Type in DIVOC
      • Printing Certificates at a Facility
      • Normal QR Code Versus Signed/Verifiable QR Code
      • What Information Goes Into a QR Code?
      • WHO Master Vaccine Checklist
      • EU Master Vaccine Checklist
    • DIVOC's Verifiable Certificate Features 3.0
      • How to Configure a New Tenant?
      • How to Access the VC System and Generate Tokens
      • How to Generate Certificates
      • How to Fetch Certificates
      • How to Update Certificates
      • How to Revoke Certificates
      • How to Suspend Certificates
    • DIVOC Architecture
    • Installation
      • Skills needed to set up DIVOC
      • Implementation Checklist
      • Setting Up DIVOC in k8 Cluster
        • How to Install DIVOC
        • How to Install DIVOC for V3.0
        • Backup & Restore: Postgres, Clickhouse, Kafka, & Redis
        • Infrastructure Recovery
        • Server Hardening
    • Verifiable Credential (VC): Production Deployment
    • Configuration
      • Configuring the Certification and Verification Component
        • Generating Signed Key Pairs
        • Configuring certificates
          • Step 1: Create a certification generation request
          • Step 2: Configure the QR code content
          • Step 3: Configure the certificate template
        • How to set up the verification portal for implementation
        • How to configure the update certificate API
        • Configuring Environment Variables in 2.0
      • Configuration Management Via ETCD
        • Adding a New Vaccine and ICD-11 Mapping
          • Adding a New Vaccine and ICD-11 Mapping Using ETCD CLI
        • PDF Template Change for Vaccine Certificates
          • PDF Template Change for Vaccine Certificates via ETCD CLI
        • EU Vaccine Configurations
          • Adding a New Vaccine and its Mapping via ETCD CLI
        • Payload Changes in the QR Code
          • Payload Changes in the QR Code via ETCD CLI
    • Performance Report
  • Products
    • Issuing COVID-19 Vaccination Certificates in India
    • Issuing COVID-19 Test Reports in India
    • Issuing COVID-19 Vaccination Certificates in Sri Lanka
    • Issuing COVID-19 Vaccination Certificates in the Philippines
    • Issuing COVID-19 Vaccination Certificates in Jamaica
      • Troubleshooting
    • Issuing COVID-19 Vaccination Certificates in Indonesia
    • Open Events
      • Past Events
      • DIVOC in the Media
  • DIVOC Demo
    • Program Setup (Via Orchestration Module)
    • Facility App
    • Issue and Verify Certificates
    • Citizen Portal
    • Feedback
    • Analytics
  • Community
    • Roadmap
    • Partner Support
      • Terms and Conditions of Using the DIVOC Site
      • Privacy Policy: Short Version for Display
      • Privacy Policy: Detailed
      • Platform Policy Guidelines
      • Privacy Policy Recommendations
      • Troubleshooting Guide
    • Source Code
    • Discussion Forum
    • Issues
    • Project Repo
Powered by GitBook
On this page
  • Overview
  • QR code
  • Update changes
  • Certificate template changes
  • Certificate verification
  • Setting up the server
  • Generating signed key pairs
  • Operational checklist
  1. Platform
  2. Installation

Implementation Checklist

Overview

This checklist can help you plan your implementation. Besides technical and operational details, it covers server setup, QR code, certificate template changes, and updating and verifying certificates.

QR code

Section
Checklist
Description

Create QR code

Change the value in context section.

  • This value indicates the release version of the certificate schema. This versioning will support in introducing validations (if required) on certificates generated in previous schemas such as "revoking/invalidating certificates with previous schema."

  • For example: For release 1 - It could be "https://moh.prod/credentials/vaccination/v1" and for release 2 - It could be "https://moh.prod/credentials/vaccination/v2"

Create QR code

The Id field in "credentialSubject" should be in a URI format.

  • If certify request payload contains “identity,” set it to “did::”

  • Else, use the “preEnrollmentCode” and set it to “did::”

Create QR code

The date value passed in the payload in the 'vaccination' section should match with the value in the 'evidence' section of the QR code and it should follow the YYYY-MM-DD format.

  • The format is as per the WHO-DDCC data standard.

  • Validate the date value as it may have impact due to the vaccination system (external), and DIVOC is deployed in servers with a different timezone (UTC). Border cases to be checked as day/date may change.

Create QR code

The 'issuer' is mapped correctly as per the requirement.

Create QR code

The vaccine list provided by a country is available in the master list.

Create QR code

The vaccine and prophylaxis mapping is as per the country requirements.

Create QR code

Vaccine 'manufacturer,' 'batch' values shared in the payload are getting reflected in the QR code.

Create QR code

The addressCountry value in the evidence section captures the 3-digit country code from here.

Create QR code

'dose' and "totalDoses" value shared in the payload are getting reflected in the QR code.

Create QR code

The 'Id' part in the evidence section is in a URI format.

Update changes

Section
Checklist
Description

Update a certificate

Revoke a certificate

The system should be able to generate a certificate for a revoked dose.

Revoke a certificate

The system is only revoking the earlier certificate which existed for the specified dose value.

For example, If dose 2 certificate has been removed from the system, the user should be allowed to generate another/correct dose 2 certificate.

Certificate template changes

Section
Checklist
Description

Create certificate template

QR code size is 2.5x2.5 inch on a printed A4 size paper.

Create certificate template

Does the printed certificate show the minimal values based on the WHO-DDCC standard?

Create certificate template

If the certificate template has a table which shows the current and the previous dose details (if available), then the table should be configured to be scalable to capture details of both the current and the previous dose details in required combinations.

For example, the certificate template should have only one template file to refer to for the generation of certificates with a combination of dose 1, dose 1 and 2, dose 1, 2, and 3, etc. This should be up to a maximum feasible limit based on the template design.

Certificate verification

Section
Checklist
Description

Verify a certificate

SSL certificate has been applied to the verification page.

The SSL certificate is required to open the camera in the browser.

Verify a certificate

The verification page has been configured to provide the necessary guidance to the user for the verification component.

For example, the verification page should include following messaging/guidelines/ information:

  • How to scan the QR code?

  • The possible reason for showing a certificate as invalid or revoked?

  • What steps to follow if a certificate is shown as invalid or revoked, such as information of the contact person.

Setting up the server

Section
Checklist
Description

Server setup

Infrastructure estimation guide.

For example, if the load goes up, then the system should be configured for scalability.

Server setup

The production environment should support the following recommendations:

  • Data backup policy.

  • Authentication and password management.

  • Error handling and logging.

  • System configurations.

Server setup

System is configured to handle network crash or infrastructure crash.

Server setup

Back up of the following:

  1. DB/server setup.

  2. Online/offline line.

Server setup

The section should cover activities to be performed to ensure security of data and application.

For example,

  • Firewall controls should also be in place, such as user management, for better access control.

Generating signed key pairs

Section
Checklist
Description

Sign key generation

It is done as per the standard.

Sign key generation

Keycloak configuration related to DIVOC.

Operational checklist

Section
Checklist
Description

Privacy policy

Privacy policies are based on the recommendations made to implementing partners. They are advised to share it with citizens regarding their personally identifiable information and how it is managed in DIVOC.

PreviousSkills needed to set up DIVOCNextSetting Up DIVOC in k8 Cluster

Last updated 2 years ago

For more details and sample QR code content, click .

This value indicates the certificate issuing authority. The issuer field is configured in the platform. For more details, click .

The value of this change to be added here: .

The vaccines provided in the platform are listed .

Validate and add to the list if a new vaccine needs to be added in the list - and .

The vaccines provided in the platform are listed .

Validate and add to the list if a new vaccine need to be added in the list - and .

The sample payload and the QR code is mentioned .

The values are set here: .

For more details, click .

For example, 'id' - "<certificateId>" Where - certificateId is unique for each certificate. If the certificate gets updated, a new certificate will be generated with a new certificate Id for the same event. For more details, click .

Update limits are set according to a country's requirement. The details to configure the update limit are available .

For example, if the dose 2 certificate has been removed from the system, the user should be allowed to generate another/correct dose 2 certificate. Click to know more on DIVOC's revocation services.

Click to see a sample certificate.

Click to see the list of minimal data set as per the WHO-DDCC standard.

The possible reason if the verification component is not able to scan the QR code? Click for more details.

Click to know more.

For example, if the master/slave nodes go down, are they configured to autostart/auto-deploy? Click to know more.

The system should be configured to backup. Click to know more.

Click to read the server hardening guidelines.

Restrict all the non-essential ports on the public network. Ports of DB/other inter-components should only be accessible within the application. Click for the list of ports.

Click for more details.

Click for more details.

As the application contains citizen data, access rights (read/write) should be agreed between parties for staging/production/other environments. Click to know more.

All content on this page by is licensed under a .

here
here
https://github.com/egovernments/DIVOC/blob/main/docker-compose.yml#L295
here
https://github.com/egovernments/DIVOC/blob/main/default-configuration/etcd/ICD.json
https://github.com/egovernments/DIVOC/blob/main/default-configuration/etcd/VACCINE_ICD.json
here
https://github.com/egovernments/DIVOC/blob/main/default-configuration/etcd/ICD.json
https://github.com/egovernments/DIVOC/blob/main/default-configuration/etcd/VACCINE_ICD.jso
here
https://github.com/egovernments/DIVOC/blob/main/docker-compose.yml#L214
here
https://divoc.dev/vaccine/
here
here
here
here
here
here
here
here
here
here
here
here
here
here
eGov Foundation
Creative Commons Attribution 4.0 International License
Creative Commons License