Zhiyi Zhang | 3aaf06d | 2020-10-17 13:05:36 -0700 | [diff] [blame] | 1 | #! /bin/bash |
| 2 | |
tylerliu | 3598610 | 2020-10-17 17:25:29 -0700 | [diff] [blame^] | 3 | # sudo check |
| 4 | if [ "$EUID" -ne 0 ] |
| 5 | then echo "Please run as root" |
| 6 | exit |
| 7 | fi |
| 8 | |
tylerliu | e0a7dd0 | 2020-10-17 17:10:59 -0700 | [diff] [blame] | 9 | echo 'Please enter the /ndn certificate:(end with Ctrl-D)' |
| 10 | ROOT_CERT=$(cat | tr -d '\n') |
| 11 | |
tylerliu | 5a7f07a | 2020-10-17 17:19:40 -0700 | [diff] [blame] | 12 | # compile and install ndncert |
| 13 | git clone https://github.com/Zhiyi-Zhang/ndncert.git |
| 14 | cd ndncert |
| 15 | git checkout origin/v0.3 |
| 16 | ./waf configure |
| 17 | sudo ./waf install |
| 18 | sudo cp ./build/systemd/ndncert-ca.service /etc/systemd/system/ |
| 19 | sudo chmod 644 /etc/systemd/system/ndncert-ca.service |
| 20 | |
| 21 | # Generate ndncert config file |
| 22 | echo 'Please enter the /ndn certificate:(end with Ctrl-D)' |
| 23 | root_cert=$(cat | tr -d '\n') |
| 24 | |
tylerliu | e0a7dd0 | 2020-10-17 17:10:59 -0700 | [diff] [blame] | 25 | cat > ndncert-site-client.conf << ~EOF |
| 26 | { |
| 27 | "ca-list": |
| 28 | [ |
| 29 | { |
| 30 | "ca-prefix": "/ndn", |
| 31 | "ca-info": "NDN Testbed Root Trust Anchor", |
| 32 | "max-validity-period": "1296000", |
| 33 | "max-suffix-length": "3", |
| 34 | "probe-parameters": |
| 35 | [ |
| 36 | {"probe-parameter-key": "pin"} |
| 37 | ], |
tylerliu | 5a7f07a | 2020-10-17 17:19:40 -0700 | [diff] [blame] | 38 | "certificate": "$root_cert" |
tylerliu | e0a7dd0 | 2020-10-17 17:10:59 -0700 | [diff] [blame] | 39 | } |
| 40 | ] |
| 41 | } |
| 42 | ~EOF |
| 43 | |
tylerliu | 5a7f07a | 2020-10-17 17:19:40 -0700 | [diff] [blame] | 44 | #run client |
| 45 | sudo mkdir /var/lib/ndncert-ca |
| 46 | sudo chown ndn /var/lib/ndncert-ca |
| 47 | sudo HOME=/var/lib/ndncert-ca -u ndn ndnsec-keygen /ndn |
| 48 | sudo HOME=/var/lib/ndncert-ca -u ndn ndncert-client -c ndncert-site-client.conf |
tylerliu | e0a7dd0 | 2020-10-17 17:10:59 -0700 | [diff] [blame] | 49 | |
| 50 | |
| 51 | # prepare CA configuration file |
tylerliu | 5a7f07a | 2020-10-17 17:19:40 -0700 | [diff] [blame] | 52 | echo 'Please enter the /ndn certificate:' |
| 53 | site_prefix=$(read) |
| 54 | cat > /usr/local/etc/ndncert/ca.conf << ~EOF |
| 55 | { |
| 56 | "ca-prefix": "$site_prefix", |
| 57 | "ca-info": "NDN Testbed Site Trust Anchor: $site_prefix", |
| 58 | "max-validity-period": "1296000", |
| 59 | "max-suffix-length": "2", |
| 60 | "probe-parameters": |
| 61 | [ |
| 62 | {"probe-parameter-key": "email"} |
| 63 | ], |
| 64 | "supported-challenges": |
| 65 | [ |
| 66 | { "challenge": "pin" }, |
| 67 | { "challenge": "email" } |
| 68 | ], |
| 69 | "name-assignment": |
| 70 | { |
| 71 | "param": "/email" |
| 72 | } |
| 73 | } |
| 74 | ~EOF |
tylerliu | e0a7dd0 | 2020-10-17 17:10:59 -0700 | [diff] [blame] | 75 | |
| 76 | # run the CA |
| 77 | sudo systemctl start ndncert-ca |
| 78 | sleep(2) |
| 79 | |
| 80 | # check the status to make sure everything is correct |
| 81 | sudo systemctl status ndncert-server |
| 82 | |