blob: 7d4029fb77c076f8517ce5b19a4674e9b6cedc57 [file] [log] [blame]
Zhiyi Zhang3aaf06d2020-10-17 13:05:36 -07001#! /bin/bash
2
tylerliu35986102020-10-17 17:25:29 -07003# sudo check
4if [ "$EUID" -ne 0 ]
5 then echo "Please run as root"
6 exit
7fi
8
tylerliue0a7dd02020-10-17 17:10:59 -07009echo 'Please enter the /ndn certificate:(end with Ctrl-D)'
10ROOT_CERT=$(cat | tr -d '\n')
11
tylerliu5a7f07a2020-10-17 17:19:40 -070012# compile and install ndncert
13git clone https://github.com/Zhiyi-Zhang/ndncert.git
14cd ndncert
15git checkout origin/v0.3
16./waf configure
17sudo ./waf install
18sudo cp ./build/systemd/ndncert-ca.service /etc/systemd/system/
19sudo chmod 644 /etc/systemd/system/ndncert-ca.service
20
21# Generate ndncert config file
22echo 'Please enter the /ndn certificate:(end with Ctrl-D)'
23root_cert=$(cat | tr -d '\n')
24
tylerliue0a7dd02020-10-17 17:10:59 -070025cat > ndncert-site-client.conf << ~EOF
26{
27 "ca-list":
28 [
29 {
30 "ca-prefix": "/ndn",
31 "ca-info": "NDN Testbed Root Trust Anchor",
32 "max-validity-period": "1296000",
33 "max-suffix-length": "3",
34 "probe-parameters":
35 [
36 {"probe-parameter-key": "pin"}
37 ],
tylerliu5a7f07a2020-10-17 17:19:40 -070038 "certificate": "$root_cert"
tylerliue0a7dd02020-10-17 17:10:59 -070039 }
40 ]
41}
42~EOF
43
tylerliu5a7f07a2020-10-17 17:19:40 -070044#run client
45sudo mkdir /var/lib/ndncert-ca
46sudo chown ndn /var/lib/ndncert-ca
47sudo HOME=/var/lib/ndncert-ca -u ndn ndnsec-keygen /ndn
48sudo HOME=/var/lib/ndncert-ca -u ndn ndncert-client -c ndncert-site-client.conf
tylerliue0a7dd02020-10-17 17:10:59 -070049
50
51# prepare CA configuration file
tylerliu5a7f07a2020-10-17 17:19:40 -070052echo 'Please enter the /ndn certificate:'
53site_prefix=$(read)
54cat > /usr/local/etc/ndncert/ca.conf << ~EOF
55{
56 "ca-prefix": "$site_prefix",
57 "ca-info": "NDN Testbed Site Trust Anchor: $site_prefix",
58 "max-validity-period": "1296000",
59 "max-suffix-length": "2",
60 "probe-parameters":
61 [
62 {"probe-parameter-key": "email"}
63 ],
64 "supported-challenges":
65 [
66 { "challenge": "pin" },
67 { "challenge": "email" }
68 ],
69 "name-assignment":
70 {
71 "param": "/email"
72 }
73}
74~EOF
tylerliue0a7dd02020-10-17 17:10:59 -070075
76# run the CA
77sudo systemctl start ndncert-ca
78sleep(2)
79
80# check the status to make sure everything is correct
81sudo systemctl status ndncert-server
82