site ca part 2
Change-Id: Ia8f3183ee9ae45d269311b285a42eb55b0de247a
diff --git a/deployment/step-2-site-ca.sh b/deployment/step-2-site-ca.sh
index ba28424..1a38c64 100644
--- a/deployment/step-2-site-ca.sh
+++ b/deployment/step-2-site-ca.sh
@@ -1,9 +1,21 @@
#! /bin/bash
-# Generate ndncert config file
echo 'Please enter the /ndn certificate:(end with Ctrl-D)'
ROOT_CERT=$(cat | tr -d '\n')
+# compile and install ndncert
+git clone https://github.com/Zhiyi-Zhang/ndncert.git
+cd ndncert
+git checkout origin/v0.3
+./waf configure
+sudo ./waf install
+sudo cp ./build/systemd/ndncert-ca.service /etc/systemd/system/
+sudo chmod 644 /etc/systemd/system/ndncert-ca.service
+
+# Generate ndncert config file
+echo 'Please enter the /ndn certificate:(end with Ctrl-D)'
+root_cert=$(cat | tr -d '\n')
+
cat > ndncert-site-client.conf << ~EOF
{
"ca-list":
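Review bot: `git checkout origin/v0.3` follows the tip of a remote branch, so `sudo ./waf install` builds and installs as root whatever that branch holds when the script runs; pin the checkout to a commit that has been reviewed, e.g. `git checkout <reviewed-commit-sha>` (placeholder, not a real id). `cd ndncert` is unchecked, so if the clone fails the `./waf` and `sudo cp` lines run in the wrong directory; `cd ndncert || exit 1` stops that. The hunk also keeps the original prompt and `ROOT_CERT=$(cat | tr -d '\n')` as context while adding a second prompt that sets `root_cert`, so the operator is asked twice and, as far as the visible lines show, `ROOT_CERT` is no longer read; with non-interactive stdin the second `cat` would get nothing and the trust-anchor certificate field would be written empty. One of the two prompt/read pairs should be dropped.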
@@ -17,28 +29,43 @@
[
{"probe-parameter-key": "pin"}
],
- "certificate": "$ROOT_CERT"
+ "certificate": "$root_cert"
}
]
}
~EOF
-echo 'Please enter the /ndn certificate:(end with Ctrl-D)'
-ROOT_CERT=$(cat | tr -d '\n')
-
-# compile and install ndncert
-git clone https://github.com/Zhiyi-Zhang/ndncert.git
-cd ndncert
-git checkout origin/v0.3
-./waf configure
-sudo ./waf install
-sudo cp ./build/systemd/ndncert-ca.service /etc/systemd/system/
-sudo chmod 644 /etc/systemd/system/ndncert-ca.service
-
+#run client
+sudo mkdir /var/lib/ndncert-ca
+sudo chown ndn /var/lib/ndncert-ca
+sudo HOME=/var/lib/ndncert-ca -u ndn ndnsec-keygen /ndn
+sudo HOME=/var/lib/ndncert-ca -u ndn ndncert-client -c ndncert-site-client.conf
# prepare CA configuration file
-echo -e "{\n\"ca-prefix\": \"/ndn\",\n\"ca-info\": \"NDN testbed root CA\",\n\"max-validity-period\": \"1296000\",\n\"max-suffix-length\": \"2\",\n\"supported-challenges\":\n[\n{ \"challenge\": \"pin\" }\n]\n}" > /usr/local/etc/ndncert/ca.conf
+echo 'Please enter the /ndn certificate:'
+site_prefix=$(read)
+cat > /usr/local/etc/ndncert/ca.conf << ~EOF
+{
+ "ca-prefix": "$site_prefix",
+ "ca-info": "NDN Testbed Site Trust Anchor: $site_prefix",
+ "max-validity-period": "1296000",
+ "max-suffix-length": "2",
+ "probe-parameters":
+ [
+ {"probe-parameter-key": "email"}
+ ],
+ "supported-challenges":
+ [
+ { "challenge": "pin" },
+ { "challenge": "email" }
+ ],
+ "name-assignment":
+ {
+ "param": "/email"
+ }
+}
+~EOF
# run the CA
sudo systemctl start ndncert-ca
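Review bot: `site_prefix=$(read)` always yields an empty string, because `read` with no name stores the line in `REPLY` inside the command-substitution subshell and prints nothing; ca.conf is then written with an empty `ca-prefix` and the CA is started on that config. Use `read -r site_prefix` and stop on empty input before the here-document, e.g. `[[ -n "$site_prefix" ]] || exit 1`. The prompt just above it still asks for 'the /ndn certificate' although the value is used as the site prefix, which invites the operator to paste the wrong thing. The value is also expanded into JSON unescaped, so checking that it contains no `"` or `\` would keep the CA configuration well-formed.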