Blame - deployment/step-1-root-ca.sh - ndncert

blob: abe999bdde60d2f70a808c951deeb6d3d8be851f [file] [log] [blame]

Zhiyi Zhang	3aaf06d	2020-10-17 13:05:36 -0700	[diff] [blame]	1	#! /bin/bash
				2
Zhiyi Zhang	633c5bf	2020-10-17 16:28:05 -0700	[diff] [blame]	3	# file name and password to a safebag TODO
Zhiyi Zhang	d6fa6f4	2020-10-17 16:17:26 -0700	[diff] [blame]	4
Zhiyi Zhang	3aaf06d	2020-10-17 13:05:36 -0700	[diff] [blame]	5	# compile and install ndncert
				6	git clone https://github.com/Zhiyi-Zhang/ndncert.git
				7	cd ndncert
				8	git checkout origin/v0.3
				9	./waf configure
Zhiyi Zhang	79ee944	2020-10-17 15:35:56 -0700	[diff] [blame]	10	sudo ./waf install
				11	sudo cp ./build/systemd/ndncert-ca.service /etc/systemd/system/
Zhiyi Zhang	d6fa6f4	2020-10-17 16:17:26 -0700	[diff] [blame]	12	sudo chmod 644 /etc/systemd/system/ndncert-ca.service
Zhiyi Zhang	3aaf06d	2020-10-17 13:05:36 -0700	[diff] [blame]	13
Zhiyi Zhang	79ee944	2020-10-17 15:35:56 -0700	[diff] [blame]	14	# prepare the CA root key
				15	sudo mkdir /var/lib/ndncert-ca
				16	sudo chown ndn /var/lib/ndncert-ca
Zhiyi Zhang	d6fa6f4	2020-10-17 16:17:26 -0700	[diff] [blame]	17	sudo HOME=/var/lib/ndncert-ca -u ndn ndnsec-keygen /ndn
Zhiyi Zhang	79ee944	2020-10-17 15:35:56 -0700	[diff] [blame]	18
				19	# prepare CA configuration file
Zhiyi Zhang	3aaf06d	2020-10-17 13:05:36 -0700	[diff] [blame]	20	echo -e "{\n\"ca-prefix\": \"/ndn\",\n\"ca-info\": \"NDN testbed root CA\",\n\"max-validity-period\": \"1296000\",\n\"max-suffix-length\": \"2\",\n\"supported-challenges\":\n[\n{ \"challenge\": \"pin\" }\n]\n}" > /usr/local/etc/ndncert/ca.conf
				21
Zhiyi Zhang	3aaf06d	2020-10-17 13:05:36 -0700	[diff] [blame]	22	# run the CA
Zhiyi Zhang	d6fa6f4	2020-10-17 16:17:26 -0700	[diff] [blame]	23	sudo systemctl start ndncert-ca
Zhiyi Zhang	79ee944	2020-10-17 15:35:56 -0700	[diff] [blame]	24	sleep(2)
Zhiyi Zhang	3aaf06d	2020-10-17 13:05:36 -0700	[diff] [blame]	25
				26	# check the status to make sure everything is correct
				27	sudo systemctl status ndncert-server