28 March 2019 - NW679
De Freitas, Mr MS to ask the Minister of Transport
(a) Why has SSL certification of certain websites (names furnished) lapsed, (b)(i) what is the name of the person who is responsible in this regard and (ii) why has this person not addressed the specified matter on time, (c) on what date will this matter be addressed and (d) what processes, procedures and mechanisms are in place to ensure that this is not repeated in future?
The client server encryption was not implemented to this web service as this is purely an information website and no login services are present. Any available documents to download have to be completed and forwarded per mail and not uploaded to the website itself, which could compromise confidential information. The RTMC is currently upgrading the website to a latest content management platform and is in possession of a verified wildcard SSL certificate if the need arises to implement on this web service.
The aarto.gov.za web service also corresponds to an informational website apart from the service querying fines and submitting elective options to the National Contravention Register (NCR). The NCR functionality has been implemented using SSL within an iframe running within the web service to eliminate any confidential information being sent across the internet unencrypted.
b) (i) & (ii) The RTMC manages the www.aarto.gov.za. As per following link https://knowledge.digicert.com/alerts/ALERT2562.html the SSL certificate expired due to a discrepancy between the governing bodies with regard to SSL certification of SSL Certificates. A delay was experienced in reissuing the new SSL Certificate free of charge as the Certificate Authority did not recognize the Corporation as the owner due to the fact that the certificate was procured by the erstwhile NaTIS Contractor. The details have since been updated.
c) The matter has been addressed already and certificates have been replaced.
d) The RTMC ordinarily tracks the expiry of the certificates and follows internal processes to ensure the service is not interrupted. In this instance the SSL certificate did not expire by ordinary effluxion of time but was no longer recognized. The Corporation has implemented a process to monitor the recognition status of all SSL certificates monthly to proactively react to any possible disruptions.
The RTIA website has never lapsed.
b) (c) (d) Not applicable