mirror of
https://github.com/corda/corda.git
synced 2025-06-23 09:25:36 +00:00
Make Network registration process more verbose (#251)
* Make the network registration process more verbose * removed gradle task for building standalone jar for the certificate signing request utility * Added a flag "--initial-registration" to the corda jar to start the registration
This commit is contained in:
Patrick Kuo
GitHub
@ -9,14 +9,14 @@ as possible.
|
||||
However this is not secure for the real network. This documentation will explain the procedure of obtaining a signed
|
||||
certificate for TestNet.
|
||||
|
||||
.. warning:: The TestNet has not been setup yet as of Milestone 6 release. You will not be able to connect to the
|
||||
.. warning:: The TestNet has not been setup yet as of Milestone 8 release. You will not be able to connect to the
|
||||
certificate signing server.
|
||||
|
||||
Certificate signing request utility
|
||||
-----------------------------------
|
||||
Initial Registration
|
||||
--------------------
|
||||
|
||||
The utility creates certificate signing request based on node information obtained from the node configuration.
|
||||
The following information from the node configuration file is needed to generate a certificate signing request.
|
||||
The certificate signing request will be created based on node information obtained from the node configuration.
|
||||
The following information from the node configuration file is needed to generate the request.
|
||||
|
||||
:myLegalName: Your company's legal name. e.g. "Mega Corp LLC". This needs to be unique on the network. If another node
|
||||
has already been permissioned with this name then the permissioning server will automatically reject the request. The
|
||||
@ -32,40 +32,25 @@ The following information from the node configuration file is needed to generate
|
||||
:certificateSigningService: Certificate signing server URL. A certificate signing server will be hosted by R3 in the near
|
||||
future. e.g."https://testnet.certificate.corda.net"
|
||||
|
||||
A new pair of private and public keys will be generated by the utility and will be used to create the request.
|
||||
A new pair of private and public keys generated by the Corda node will be used to create the request.
|
||||
|
||||
The utility will submit the request to the network permissioning server and poll for a result periodically to retrieve the certificates.
|
||||
Once the request has been approved and the certificates downloaded from the server, the utility will create the key store and trust store using the certificates and the generated private key.
|
||||
Once the request has been approved and the certificates downloaded from the server, the node will create the keystore and trust store using the certificates and the generated private key.
|
||||
|
||||
.. note:: You can exit the utility at any time if the approval process is taking longer than expected. The request process will resume on restart.
|
||||
|
||||
This process only needs to be done once when the node connects to the network for the first time, or when the certificate expires.
|
||||
|
||||
Building the utility
|
||||
--------------------
|
||||
The utility will be created as part of the gradle ``:node`` module ``buildCordaJAR`` task.
|
||||
You can also build the utility JAR by run the following command from the Corda project root directory.
|
||||
|
||||
**Windows**::
|
||||
|
||||
gradlew.bat :node:buildCertSigningRequestUtilityJAR
|
||||
|
||||
**Other**::
|
||||
|
||||
./gradlew :node:buildCertSigningRequestUtilityJAR
|
||||
|
||||
The utility JAR will be created in ``<Project Root Dir>/node/build/libs/certSigningRequestUtility.jar``
|
||||
This process only is needed when the node connects to the network for the first time, or when the certificate expires.
|
||||
|
||||
|
||||
Running the utility
|
||||
-------------------
|
||||
Starting the Registration
|
||||
-------------------------
|
||||
|
||||
You will need to specify the working directory of your Corda node using ``--base-dir`` flag. This is defaulted to current directory if left blank.
|
||||
You can also specify the location of ``node.conf`` with ``--config-file`` flag if it's not in the working directory.
|
||||
|
||||
**Running the Utility**::
|
||||
**To start the registration**::
|
||||
|
||||
java -jar certSigningRequestUtility.jar --base-dir <<optional>> --config-file <<optional>>
|
||||
java -jar corda.jar --initial-registration --base-dir <<optional>> --config-file <<optional>>
|
||||
|
||||
A ``certificates`` folder containing the keystore and trust store will be created in the base directory when the process is completed.
|
||||
|
||||
|
||||
Reference in New Issue
Block a user