ExternalVendorCode/corda
1
0
Fork 0
mirror of https://github.com/corda/corda.git synced 2024-12-21 05:53:23 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity
41b0b6c0b1
corda/docs/build/html/permissioning.html
Mike Hearn f7eafaae19 Regen docsite
2016-11-29 20:49:25 +00:00

357 lines
18 KiB
HTML
Raw Blame History

<!DOCTYPE html>
<!--[if IE 8]><html class="no-js lt-ie9" lang="en" > <![endif]-->
<!--[if gt IE 8]><!--> <html class="no-js" lang="en" > <!--<![endif]-->
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Network permissioning &mdash; R3 Corda latest documentation</title>
<link rel="stylesheet" href="_static/css/custom.css" type="text/css" />
<link rel="top" title="R3 Corda latest documentation" href="index.html"/>
<link rel="next" title="Writing a contract" href="tutorial-contract.html"/>
<link rel="prev" title="Node Explorer" href="node-explorer.html"/>
<script src="_static/js/modernizr.min.js"></script>
</head>
<body class="wy-body-for-nav" role="document">
<div class="wy-grid-for-nav">
<nav data-toggle="wy-nav-shift" class="wy-nav-side">
<div class="wy-side-scroll">
<div class="wy-side-nav-search">
<a href="index.html" class="icon icon-home"> R3 Corda
</a>
<div class="version">
latest
</div>
<div role="search">
<form id="rtd-search-form" class="wy-form" action="search.html" method="get">
<input type="text" name="q" placeholder="Search docs" />
<input type="hidden" name="check_keywords" value="yes" />
<input type="hidden" name="area" value="default" />
</form>
</div>
<br>
<a href="api/index.html">API reference</a>
</div>
<div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="main navigation">
<p class="caption"><span class="caption-text">Getting started</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="inthebox.html">What&#8217;s included?</a></li>
<li class="toctree-l1"><a class="reference internal" href="getting-set-up.html">Getting set up</a></li>
<li class="toctree-l1"><a class="reference internal" href="getting-set-up-fault-finding.html">Getting set up: troubleshooting</a></li>
<li class="toctree-l1"><a class="reference internal" href="running-the-demos.html">Running the demos</a></li>
<li class="toctree-l1"><a class="reference internal" href="CLI-vs-IDE.html">CLI vs IDE</a></li>
</ul>
<p class="caption"><span class="caption-text">Key concepts</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="data-model.html">Data model</a></li>
<li class="toctree-l1"><a class="reference internal" href="transaction-data-types.html">Data types</a></li>
<li class="toctree-l1"><a class="reference internal" href="merkle-trees.html">Transaction tear-offs</a></li>
<li class="toctree-l1"><a class="reference internal" href="consensus.html">Consensus model</a></li>
<li class="toctree-l1"><a class="reference internal" href="clauses.html">Clauses key concepts</a></li>
</ul>
<p class="caption"><span class="caption-text">CorDapps</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="creating-a-cordapp.html">CorDapps Background</a></li>
<li class="toctree-l1"><a class="reference internal" href="creating-a-cordapp.html#gradle-plugins-for-cordapps">Gradle plugins for CorDapps</a></li>
<li class="toctree-l1"><a class="reference internal" href="tutorial-cordapp.html">The CorDapp Template</a></li>
<li class="toctree-l1"><a class="reference internal" href="tutorial-cordapp.html#building-the-cordapp-template">Building the CorDapp template</a></li>
<li class="toctree-l1"><a class="reference internal" href="tutorial-cordapp.html#running-the-sample-cordapp">Running the Sample CorDapp</a></li>
<li class="toctree-l1"><a class="reference internal" href="tutorial-cordapp.html#using-the-sample-cordapp">Using the sample CorDapp</a></li>
</ul>
<p class="caption"><span class="caption-text">The Corda node</span></p>
<ul class="current">
<li class="toctree-l1"><a class="reference internal" href="clientrpc.html">Client RPC</a></li>
<li class="toctree-l1"><a class="reference internal" href="messaging.html">Networking and messaging</a></li>
<li class="toctree-l1"><a class="reference internal" href="persistence.html">Persistence</a></li>
<li class="toctree-l1"><a class="reference internal" href="node-administration.html">Node administration</a></li>
<li class="toctree-l1"><a class="reference internal" href="corda-configuration-file.html">Node configuration</a></li>
<li class="toctree-l1"><a class="reference internal" href="corda-plugins.html">The Corda plugin framework</a></li>
<li class="toctree-l1"><a class="reference internal" href="node-services.html">Brief introduction to the node services</a></li>
<li class="toctree-l1"><a class="reference internal" href="node-explorer.html">Node Explorer</a></li>
<li class="toctree-l1 current"><a class="current reference internal" href="#">Network permissioning</a><ul>
<li class="toctree-l2"><a class="reference internal" href="#certificate-signing-request-utility">Certificate signing request utility</a></li>
<li class="toctree-l2"><a class="reference internal" href="#building-the-utility">Building the utility</a></li>
<li class="toctree-l2"><a class="reference internal" href="#running-the-utility">Running the utility</a></li>
</ul>
</li>
</ul>
<p class="caption"><span class="caption-text">Tutorials</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="tutorial-contract.html">Writing a contract</a></li>
<li class="toctree-l1"><a class="reference internal" href="tutorial-contract-clauses.html">Writing a contract using clauses</a></li>
<li class="toctree-l1"><a class="reference internal" href="tutorial-test-dsl.html">Writing a contract test</a></li>
<li class="toctree-l1"><a class="reference internal" href="tutorial-integration-testing.html">Integration Test Tutorial</a></li>
<li class="toctree-l1"><a class="reference internal" href="tutorial-clientrpc-api.html">Client RPC API tutorial</a></li>
<li class="toctree-l1"><a class="reference internal" href="tutorial-building-transactions.html">Building Transactions</a></li>
<li class="toctree-l1"><a class="reference internal" href="flow-state-machines.html">Writing flows</a></li>
<li class="toctree-l1"><a class="reference internal" href="flow-testing.html">Writing flow tests</a></li>
<li class="toctree-l1"><a class="reference internal" href="running-a-notary.html">Running a notary service</a></li>
<li class="toctree-l1"><a class="reference internal" href="using-a-notary.html">Using a notary service</a></li>
<li class="toctree-l1"><a class="reference internal" href="oracles.html">Writing oracle services</a></li>
<li class="toctree-l1"><a class="reference internal" href="oracles.html#implementing-an-oracle-with-continuously-varying-data">Implementing an oracle with continuously varying data</a></li>
<li class="toctree-l1"><a class="reference internal" href="oracles.html#using-an-oracle">Using an oracle</a></li>
<li class="toctree-l1"><a class="reference internal" href="tutorial-attachments.html">Using attachments</a></li>
<li class="toctree-l1"><a class="reference internal" href="event-scheduling.html">Event scheduling</a></li>
</ul>
<p class="caption"><span class="caption-text">Other</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="network-simulator.html">Network Simulator</a></li>
<li class="toctree-l1"><a class="reference internal" href="initial-margin-agreement.html">Initial margin agreements</a></li>
</ul>
<p class="caption"><span class="caption-text">Component library</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="contract-catalogue.html">Contract catalogue</a></li>
<li class="toctree-l1"><a class="reference internal" href="contract-irs.html">Interest rate swaps</a></li>
</ul>
<p class="caption"><span class="caption-text">Appendix</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="loadtesting.html">Load testing</a></li>
<li class="toctree-l1"><a class="reference internal" href="setting-up-a-corda-network.html">Introduction - What is a corda network?</a></li>
<li class="toctree-l1"><a class="reference internal" href="setting-up-a-corda-network.html#setting-up-your-own-network">Setting up your own network</a></li>
<li class="toctree-l1"><a class="reference internal" href="secure-coding-guidelines.html">Secure coding guidelines</a></li>
<li class="toctree-l1"><a class="reference internal" href="release-process.html">Release process</a></li>
<li class="toctree-l1"><a class="reference internal" href="release-process.html#steps-to-cut-a-release">Steps to cut a release</a></li>
<li class="toctree-l1"><a class="reference internal" href="release-notes.html">Release notes</a></li>
<li class="toctree-l1"><a class="reference internal" href="codestyle.html">Code style guide</a></li>
<li class="toctree-l1"><a class="reference internal" href="building-the-docs.html">Building the documentation</a></li>
</ul>
<p class="caption"><span class="caption-text">Glossary</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="glossary.html">Glossary</a></li>
</ul>
</div>
</div>
</nav>
<section data-toggle="wy-nav-shift" class="wy-nav-content-wrap">
<nav class="wy-nav-top" role="navigation" aria-label="top navigation">
<i data-toggle="wy-nav-top" class="fa fa-bars"></i>
<a href="index.html">R3 Corda</a>
</nav>
<div class="wy-nav-content">
<div class="rst-content">
<div role="navigation" aria-label="breadcrumbs navigation">
<ul class="wy-breadcrumbs">
<li><a href="index.html">Docs</a> &raquo;</li>
<li>Network permissioning</li>
<li class="wy-breadcrumbs-aside">
<a href="_sources/permissioning.txt" rel="nofollow"> View page source</a>
</li>
</ul>
<hr/>
</div>
<div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
<div itemprop="articleBody">
<div class="section" id="network-permissioning">
<h1>Network permissioning<a class="headerlink" href="#network-permissioning" title="Permalink to this headline"></a></h1>
<p>The keystore located in <code class="docutils literal"><span class="pre">&lt;workspace&gt;/certificates/sslkeystore.jks</span></code> is required to connect to the Corda network securely.
In development mode (when <code class="docutils literal"><span class="pre">devMode</span> <span class="pre">=</span> <span class="pre">true</span></code>, see <a class="reference internal" href="corda-configuration-file.html"><span class="doc">Node configuration</span></a> for more information) a pre-configured keystore will be used if the keystore does not exist.
This is to ensure developers can get the nodes working as quickly as possible.</p>
<p>However this is not secure for the real network. This documentation will explain the procedure of obtaining a signed certificate for TestNet.</p>
<div class="admonition warning">
<p class="first admonition-title">Warning</p>
<p class="last">The TestNet has not been setup yet as of Milestone 6 release. You will not be able to connect to the certificate signing server.</p>
</div>
<div class="section" id="certificate-signing-request-utility">
<h2>Certificate signing request utility<a class="headerlink" href="#certificate-signing-request-utility" title="Permalink to this headline"></a></h2>
<p>The utility creates certificate signing request based on node information obtained from the node configuration.
The following information from the node configuration file is needed to generate a certificate signing request.</p>
<table class="docutils field-list" frame="void" rules="none">
<col class="field-name" />
<col class="field-body" />
<tbody valign="top">
<tr class="field-odd field"><th class="field-name">myLegalName:</th><td class="field-body">Your company&#8217;s legal name. e.g. &#8220;R3 CEV, LLC&#8221;</td>
</tr>
<tr class="field-even field"><th class="field-name">nearestCity:</th><td class="field-body">e.g. &#8220;London&#8221;</td>
</tr>
<tr class="field-odd field"><th class="field-name">emailAddress:</th><td class="field-body">e.g. &#8220;<a class="reference external" href="mailto:admin&#37;&#52;&#48;company&#46;com">admin<span>&#64;</span>company<span>&#46;</span>com</a>&#8220;</td>
</tr>
<tr class="field-even field"><th class="field-name" colspan="2">certificateSigningService:</th></tr>
<tr class="field-even field"><td>&nbsp;</td><td class="field-body">Certificate signing server URL. A certificate signing server will be hosted by R3 in the near future. e.g.&#8221;<a class="reference external" href="https://testnet.certificate.corda.net">https://testnet.certificate.corda.net</a>&#8220;</td>
</tr>
</tbody>
</table>
<p>A new pair of private and public keys will be generated by the utility and will be used to create the request.</p>
<p>The utility will submit the request to the network permissioning server and poll for a result periodically to retrieve the certificates.
Once the request has been approved and the certificates downloaded from the server, the utility will create the key store and trust store using the certificates and the generated private key.</p>
<div class="admonition note">
<p class="first admonition-title">Note</p>
<p class="last">You can exit the utility at anytime if the approval process is taking longer then expected. The request process will resume on restart.</p>
</div>
<p>This process only needs to be done once when the node connects to the network for the first time, or when the certificate expires.</p>
</div>
<div class="section" id="building-the-utility">
<h2>Building the utility<a class="headerlink" href="#building-the-utility" title="Permalink to this headline"></a></h2>
<p>The utility will be created as part of the main build <code class="docutils literal"><span class="pre">buildCordaJAR</span></code>.
You can also build the utility JAR by run the following command from the Corda project root directory.</p>
<p><strong>Windows</strong>:</p>
<div class="highlight-kotlin"><div class="highlight"><pre><span></span><span class="n">gradlew</span><span class="p">.</span><span class="n">bat</span> <span class="n">buildCertSigningRequestUtilityJAR</span>
</pre></div>
</div>
<p><strong>Other</strong>:</p>
<div class="highlight-kotlin"><div class="highlight"><pre><span></span><span class="p">./</span><span class="n">gradlew</span> <span class="n">buildCertSigningRequestUtilityJAR</span>
</pre></div>
</div>
<p>The utility JAR will be created in <code class="docutils literal"><span class="pre">&lt;Project</span> <span class="pre">Root</span> <span class="pre">Dir&gt;/build/libs/certSigningRequestUtility.jar</span></code></p>
</div>
<div class="section" id="running-the-utility">
<h2>Running the utility<a class="headerlink" href="#running-the-utility" title="Permalink to this headline"></a></h2>
<p>You will need to specify the working directory of your Corda node using <code class="docutils literal"><span class="pre">--base-dir</span></code> flag. This is defaulted to current directory if left blank.
You can also specify the location of <code class="docutils literal"><span class="pre">node.conf</span></code> with <code class="docutils literal"><span class="pre">--config-file</span></code> flag if it&#8217;s not in the working directory.</p>
<p><strong>Running the Utility</strong>:</p>
<div class="highlight-kotlin"><div class="highlight"><pre><span></span><span class="n">java</span> <span class="p">-</span><span class="n">jar</span> <span class="n">certSigningRequestUtility</span><span class="p">.</span><span class="n">jar</span> <span class="p">--</span><span class="n">base</span><span class="p">-</span><span class="n">dir</span> <span class="p">&lt;&lt;</span><span class="n">optional</span><span class="p">&gt;&gt;</span> <span class="p">--</span><span class="n">config</span><span class="p">-</span><span class="n">file</span> <span class="p">&lt;&lt;</span><span class="n">optional</span><span class="p">&gt;&gt;</span>
</pre></div>
</div>
<p>A <code class="docutils literal"><span class="pre">certificates</span></code> folder containing the keystore and trust store will be created in the base directory when the process is completed.</p>
<div class="admonition warning">
<p class="first admonition-title">Warning</p>
<p class="last">The keystore is protected by the keystore password from the node configuration file. The password should kept safe to protect the private key and certificate.</p>
</div>
<div class="admonition note">
<p class="first admonition-title">Note</p>
<p class="last">Password encryption in node configuration will be supported in subsequent release.</p>
</div>
</div>
</div>
</div>
</div>
<footer>
<div class="rst-footer-buttons" role="navigation" aria-label="footer navigation">
<a href="tutorial-contract.html" class="btn btn-neutral float-right" title="Writing a contract" accesskey="n">Next <span class="fa fa-arrow-circle-right"></span></a>
<a href="node-explorer.html" class="btn btn-neutral" title="Node Explorer" accesskey="p"><span class="fa fa-arrow-circle-left"></span> Previous</a>
</div>
<hr/>
<div role="contentinfo">
<p>
&copy; Copyright 2016, R3 Limited.
</p>
</div>
Built with <a href="http://sphinx-doc.org/">Sphinx</a> using a <a href="https://github.com/snide/sphinx_rtd_theme">theme</a> provided by <a href="https://readthedocs.org">Read the Docs</a>.
</footer>
</div>
</div>
</section>
</div>
<script type="text/javascript">
var DOCUMENTATION_OPTIONS = {
URL_ROOT:'./',
VERSION:'latest',
COLLAPSE_INDEX:false,
FILE_SUFFIX:'.html',
HAS_SOURCE: true
};
</script>
<script type="text/javascript" src="_static/jquery.js"></script>
<script type="text/javascript" src="_static/underscore.js"></script>
<script type="text/javascript" src="_static/doctools.js"></script>
<script type="text/javascript" src="_static/js/theme.js"></script>
<script type="text/javascript">
jQuery(function () {
SphinxRtdTheme.StickyNav.enable();
});
</script>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink