Skip to content

Testing the M1 Interface on v1.2.0

Jordi J. Gimenez edited this page Apr 25, 2024 · 3 revisions

[MIGRATED]

Testing: M1 Interface (5GMSd Application Function v1.2.x)

To prepare, follow the instructions for local user building and installation.

Testing

These tests require a 5GMSd Application Server to be running. Please follow the instructions to build, install and run the 5GMSd Application Server as a system service or the instructions to run the AS as a local user for a temporary installation for testing.

Test Provisioning Sessions

This will test the ability of the Application Function to allocate and retrieve information about provisioning session upon request by an Application Provider.

Create provisioning sessions

  1. Stop the Application Function if it is already running.

  2. Remove previous configurations:

    rm -rf ~/rt-5gms-application-function/install/var/cache/rt-5gms/af/certificates
  3. Start the Application Function:

    ~/rt-5gms-application-function/install/bin/open5gs-msafd
  4. Create a single Provisioning Session:

    ~/rt-5gms-application-function/install/bin/m1-session new-provisioning-session -e MyAppId -a MyASPId
  5. Check the Provisioning Session:

    ~/rt-5gms-application-function/install/bin/m1-session list

    This should list a single provisioning session.

  6. Create a second Provisioning Session:

    ~/rt-5gms-application-function/install/bin/m1-session new-provisioning-session -e MyAppId -a MyASPId
  7. Check the Provisioning Sessions:

    ~/rt-5gms-application-function/install/bin/m1-session list

    This should list the two provisioning sessions.

Get details for a provisioning session

  1. Stop the Application Function if it is already running.

  2. Remove previous configurations:

    rm -rf ~/rt-5gms-application-function/install/var/cache/rt-5gms/af/certificates
  3. Start the Application Function:

    ~/rt-5gms-application-function/install/bin/open5gs-msafd
  4. Create a single Provisioning Session with Content Hosting Configuration

    ~/rt-5gms-application-function/install/bin/m1-session new-stream -e MyAppId -a MyASPId -n 'Big Buck Bunny' 'https://ftp.itec.aau.at/datasets/DASHDataset2014/BigBuckBunny/4sec/' 'BigBuckBunny_4s_onDemand_2014_05_09.mpd'
  5. Check the Provisioning Session details:

    ~/rt-5gms-application-function/install/bin/m1-session list -v

    This will list the provisioning session showing the Content Hosting Configuration attached to it.

    For example:

    1c961622-c803-41ed-83c5-e304b44dbd7e:
      Certificates:
      ContentHostingConfiguration:
        Name: Big Buck Bunny
        Entry Point Path: BigBuckBunny_4s_onDemand_2014_05_09.mpd
        Ingest:
            Type: urn:3gpp:5gms:content-protocol:http-pull-ingest
            URL: https://ftp.itec.aau.at/datasets/DASHDataset2014/BigBuckBunny/4sec/
        Distributions:
          - URL: http://localhost/m4d/provisioning-session-1c961622-c803-41ed-83c5-e304b44dbd7e/
            Canonical Domain Name: localhost
    

Delete a provisioning session

  1. Stop the Application Function if it is already running.

  2. Remove previous configurations:

    rm -rf ~/rt-5gms-application-function/install/var/cache/rt-5gms/af/certificates
  3. Start the Application Function:

    ~/rt-5gms-application-function/install/bin/open5gs-msafd
  4. Create a single Provisioning Session:

    ~/rt-5gms-application-function/install/bin/m1-session new-provisioning-session -e MyAppId -a MyASPId
  5. Check the Provisioning Session:

    ~/rt-5gms-application-function/install/bin/m1-session list

    This should list a single provisioning session.

  6. Delete the Provisioning Session by Id:

    ~/rt-5gms-application-function/install/bin/m1-session del-stream -p ${provisioning_session_id}

    Where ${provisioning_session_id} is the provisioning session id of the session that was created in the earlier step.

    For example:

    ~/rt-5gms-application-function/install/bin/m1-session del-stream -p 1c961622-c803-41ed-83c5-e304b44dbd7e
  7. Check the Provisioning Session is deleted:

    ~/rt-5gms-application-function/install/bin/m1-session list

    There should be no provisioning sessions listed.

  8. Create a single Provisioning Session with a stream identifier:

    ~/rt-5gms-application-function/install/bin/m1-session new-stream -e MyAppId -a MyASPId -n 'Test Stream' 'https://ftp.itec.aau.at/datasets/DASHDataset2014/BigBuckBunny/4sec/' 'BigBuckBunny_4s_onDemand_2014_05_09.mpd'
  9. Check the Provisioning Session:

    ~/rt-5gms-application-function/install/bin/m1-session list -v
  10. Delete the Provisioning Session by ingest URL and entry point path:

    ~/rt-5gms-application-function/install/bin/m1-session del-stream 'https://ftp.itec.aau.at/datasets/DASHDataset2014/BigBuckBunny/4sec/' 'BigBuckBunny_4s_onDemand_2014_05_09.mpd'
  11. Check the Provisioning Session is deleted:

    ~/rt-5gms-application-function/install/bin/m1-session list

    There should be no provisioning sessions listed.

Server Certificates

Create Server Certificates

  1. Stop the Application Function if it is already running.

  2. Remove previous configurations:

    rm -rf ~/rt-5gms-application-function/install/var/cache/rt-5gms/af/certificates
  3. Start the Application Function:

    ~/rt-5gms-application-function/install/bin/open5gs-msafd
  4. Create a single Provisioning Session:

    ~/rt-5gms-application-function/install/bin/m1-session new-provisioning-session -e MyAppId -a MyASPId
  5. Create a certificate:

    ~/rt-5gms-application-function/install/bin/m1-session new-certificate -p ${provisioning_session_id}

    Where ${provisioning_session_id} is the provisioning session id of the session that was created in the previous step.

  6. Check the Provisioning Session:

    ~/rt-5gms-application-function/install/bin/m1-session list -v

    The output should show a provisioning session with a single certificate where the subject and issuer of the certificate are identical.

    For example:

    40b75340-c8a3-41ed-9d6e-cbf27240da7a:
      Certificates:
        4fff7e04-c8a3-41ed-9d6e-cbf27240da7a:
          Serial = 723264618754945153424478507276304617300583059881
          Not before = 2023-03-22 11:18:46+00:00
          Not after = 2023-06-20 11:18:46+00:00
          Subject = C=GB,L=London,CN=localhost
                    key=C2:56:2C:A6:D7:B3:AE:C7:3A:2C:18:9D:5B:2A:EB:62:C0:7E:35:05
          Issuer = C=GB,L=London,CN=localhost
                   key=C2:56:2C:A6:D7:B3:AE:C7:3A:2C:18:9D:5B:2A:EB:62:C0:7E:35:05
          Subject Alternative Names:
            DNS:localhost
      ContentHostingConfiguration:
        Not defined
    

    This shows that for provisioning session 40b75340-c8a3-41ed-9d6e-cbf27240da7a there is a certificate with id 4fff7e04-c8a3-41ed-9d6e-cbf27240da7a lasting for 90 days from 22nd Mar 2023. The "Subject" and "Issuer" both have the same designated name ("C=GB,L=London,CN=localhost") and key hash, showing that this is a self signed certificate. The "Subject Alternative Names" contains one "DNS" entry for the canonical name of the 5GMSd Application Server.

  7. Create a certificate with a domain name:

    ~/rt-5gms-application-function/install/bin/m1-session new-certificate -p ${provisioning_session_id} -d as.example.com

    Since a domain name was requested, the m1-session tool will request a CSR from the 5GMSd Application Function and sign it itself.

  8. Check the Provisioning Session:

    ~/rt-5gms-application-function/install/bin/m1-session list -v

    The output should now show an extra certificate on the provisioning session.

    For example:

    40b75340-c8a3-41ed-9d6e-cbf27240da7a:
      Certificates:
        4fff7e04-c8a3-41ed-9d6e-cbf27240da7a:
          Serial = 723264618754945153424478507276304617300583059881
          Not before = 2023-03-22 11:18:46+00:00
          Not after = 2023-06-20 11:18:46+00:00
          Subject = C=GB,L=London,CN=localhost
                    key=C2:56:2C:A6:D7:B3:AE:C7:3A:2C:18:9D:5B:2A:EB:62:C0:7E:35:05
          Issuer = C=GB,L=London,CN=localhost
                   key=C2:56:2C:A6:D7:B3:AE:C7:3A:2C:18:9D:5B:2A:EB:62:C0:7E:35:05
          Subject Alternative Names:
            DNS:localhost
        8aa9e5ac-c8a9-41ed-9d6e-cbf27240da7a:
          Serial = 1
          Not before = 2023-03-22 12:03:22+00:00
          Not after = 2023-04-21 12:03:22+00:00
          Subject = CN=as.example.com,O=5G-MAG
                    key=37:62:38:E1:D2:18:23:90:A9:12:2A:C7:EF:5F:7E:F8:91:3A:89:8F
          Issuer = O=5G-MAG,CN=5G-MAG Reference Tools Local CA
                   key=B4:2F:13:EE:02:D0:34:75:C0:7B:9D:C7:67:6D:90:76:F5:A8:CC:EF
          Subject Alternative Names:
            DNS:as.example.com
            DNS:localhost
      ContentHostingConfiguration:
        Not defined
    

    This shows that there is now a second certificate (8aa9e5ac-c8a9-41ed-9d6e-cbf27240da7a) issued by "5G-MAG Reference Tools Local CA" and the Subject Common Name is the domain name alias used with the -d command line option when the certificate was created. The canonical domain name of the 5GMSd Application Server is the second Subject Alternative Name. These certificates last for 30 days by default.

  9. Reserve a certificate:

    ~/rt-5gms-application-function/install/bin/m1-session new-certificate -p ${provisioning_session_id} --csr

    The output includes the new certificate id and a CSR in PEM format.

  10. Check the Provisioning Session:

    ~/rt-5gms-application-function/install/bin/m1-session list -v

    The output should now show a third certificate id but the certificate detail says "Certificate not yet uploaded".

    For example:

    40b75340-c8a3-41ed-9d6e-cbf27240da7a:
      Certificates:
        4fff7e04-c8a3-41ed-9d6e-cbf27240da7a:
          Serial = 723264618754945153424478507276304617300583059881
          Not before = 2023-03-22 11:18:46+00:00
          Not after = 2023-06-20 11:18:46+00:00
          Subject = C=GB,L=London,CN=localhost
                    key=C2:56:2C:A6:D7:B3:AE:C7:3A:2C:18:9D:5B:2A:EB:62:C0:7E:35:05
          Issuer = C=GB,L=London,CN=localhost
                   key=C2:56:2C:A6:D7:B3:AE:C7:3A:2C:18:9D:5B:2A:EB:62:C0:7E:35:05
          Subject Alternative Names:
            DNS:localhost
        8aa9e5ac-c8a9-41ed-9d6e-cbf27240da7a:
          Serial = 1
          Not before = 2023-03-22 12:03:22+00:00
          Not after = 2023-04-21 12:03:22+00:00
          Subject = CN=as.example.com,O=5G-MAG
                    key=37:62:38:E1:D2:18:23:90:A9:12:2A:C7:EF:5F:7E:F8:91:3A:89:8F
          Issuer = O=5G-MAG,CN=5G-MAG Reference Tools Local CA
                   key=B4:2F:13:EE:02:D0:34:75:C0:7B:9D:C7:67:6D:90:76:F5:A8:CC:EF
          Subject Alternative Names:
            DNS:as.example.com
            DNS:localhost
        2a118b8e-c8a7-41ed-9d6e-cbf27240da7a:
          Certificate not yet uploaded
      ContentHostingConfiguration:
        Not defined
    

    This shows that the 2a118b8e-c8a7-41ed-9d6e-cbf27240da7a certificate is waiting for a signed certificate to be uploaded.

Output certificate details

  1. Stop the Application Function if it is already running.

  2. Remove previous configurations:

    rm -rf ~/rt-5gms-application-function/install/var/cache/rt-5gms/af/certificates
  3. Start the Application Function:

    ~/rt-5gms-application-function/install/bin/open5gs-msafd
  4. Create a single Provisioning Session:

    ~/rt-5gms-application-function/install/bin/m1-session new-provisioning-session -e MyAppId -a MyASPId
  5. Create a certificate

    ~/rt-5gms-application-function/install/bin/m1-session new-certificate -p ${provisioning_session_id}

    Where ${provisioning_session_id} is the provisioning session id of the session that was created in the previous step.

  6. Display the details of the certificate

    ~/rt-5gms-application-function/install/bin/m1-session show-certificate -p ${provisioning_session_id} -c ${certificate_id}

    Where ${provisioning_session_id} is the provisioning session id of the session that was created in step 4 and ${certificate_id} is the certificate id of the certificate created in the previous step.

    This will display the certificate details.

    For example:

    Certificate details for d921a6e2-c977-41ed-ae8f-4f7bb018a30b:
      Serial = 570812267048735513617861647966053937458169779179
      Not before = 2023-03-23 12:40:10+00:00
      Not after = 2023-06-21 12:40:10+00:00
      Subject = C=GB,L=London,CN=localhost
                key=E9:61:FD:5A:31:0C:ED:C0:B0:CC:29:0D:29:89:AE:EE:F9:25:89:CA
      Issuer = C=GB,L=London,CN=localhost
               key=E9:61:FD:5A:31:0C:ED:C0:B0:CC:29:0D:29:89:AE:EE:F9:25:89:CA
      Subject Alternative Names:
        DNS:localhost
    
  7. Display the public certificate PEM data

    ~/rt-5gms-application-function/install/bin/m1-session show-certificate -p ${provisioning_session_id} -c ${certificate_id} -r

    The -r flag causes the command to display the "raw" output which is the PEM data for the certificate.

    For example:

    -----BEGIN CERTIFICATE-----
    MIIDWzCCAkOgAwIBAgIUY/wbeD1YUiEeBPLpxf8ldkkEE+swDQYJKoZIhvcNAQEL
    BQAwMjELMAkGA1UEBhMCR0IxDzANBgNVBAcMBkxvbmRvbjESMBAGA1UEAwwJbG9j
    YWxob3N0MB4XDTIzMDMyMzEyNDAxMFoXDTIzMDYyMTEyNDAxMFowMjELMAkGA1UE
    BhMCR0IxDzANBgNVBAcMBkxvbmRvbjESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjAN
    BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0bftLTaaXXpW1qIDHYTTmeIGvupy
    G/dQpK5Ko9mW9IEcb+wfn2fX8SMHGA7O8TvpqUGEmyoBXIuIFmmeR+w5xQRcKkyi
    NGhIhnUIfOqaevh4MCX/8Ius9NOjF0bz+aWtwOCmWKkNvknRMzClAeVRJm6g+U6m
    IH30TE5H3ItiYxk63MNvuYeqIEK2rEKu69jWvTFkV1Wzd+5rH3ZC9qrt4uryUqAZ
    X6XPx5AkQzbnBRQooDJzhqKgW+7YFWFtwi6WX8poGwx4RuruxYRLEBDfxRCE/1k6
    ALP3IktsVp7rFqwOt0LRNH1+MLly/MIOEA+NjnaIReG3/6Kt7oAqiDCBpQIDAQAB
    o2kwZzAdBgNVHQ4EFgQU6WH9WjEM7cCwzCkNKYmu7vklicowHwYDVR0jBBgwFoAU
    6WH9WjEM7cCwzCkNKYmu7vklicowDwYDVR0TAQH/BAUwAwEB/zAUBgNVHREEDTAL
    gglsb2NhbGhvc3QwDQYJKoZIhvcNAQELBQADggEBAIAELtWEMwzoXnaWRn74JngW
    3DF5IUtdFOiEKPWzdju+RleUsQHm5hsbPxpAz/MDVKIQQBGrJNMNpMtJ1VNlAsJ1
    7gndSkSFf0zw7+DxgKYiwNj7tbBU8yTW+qVyUJh6XUxOHlaLjXzct4jw/NgjrjRZ
    YuwXKCebRf+DUtQGt87rSib+GVpI//XBweyd8D0vFnGPRU9yyAvuqUdfu7enGFMr
    qyBBqTqrTgX9o852lrMnWbc+g+of90Ym9HkVpifmc12jZSJlfS4cykvwnRqwPC9f
    YnNABBMDJwJOM8g69OIRw+67O01ZulRzCvSaSbBEG6xC08XAD7BJn9CPIMypHdw=
    -----END CERTIFICATE-----
    

Upload a public certificate

TODO: Test where we reserve a certificate and the fetch CSR for the new certificate, sign it, and upload the result.

Content Protocol Discovery

List the Content Protocols available

  1. Stop the Application Function if it is already running.

  2. Remove previous configurations:

    rm -rf ~/rt-5gms-application-function/install/var/cache/rt-5gms/af/certificates
  3. Start the Application Function:

    ~/rt-5gms-application-function/install/bin/open5gs-msafd
  4. Create a single Provisioning Session:

    ~/rt-5gms-application-function/install/bin/m1-session new-provisioning-session -e MyAppId -a MyASPId
  5. List the Content Protocols for the Provisioning Session

    ~/rt-5gms-application-function/install/bin/m1-session protocols -p ${provisioning_session_id}

    Where ${provisioning_session_id} is the provisioning session id of the session that was created in the previous step.

    The available protocols will be listed.

    For example:

    Protocols for 40b75340-c8a3-41ed-9d6e-cbf27240da7a:
      Downlink:
        urn:3gpp:5gms:content-protocol:http-pull-ingest
      No uplink capability
      No geo-fencing capability
    

Content Hosting Provisioning

Add a Content Hosting Configuration without certificates

  1. Stop the Application Function if it is already running.

  2. Remove previous configurations:

    rm -rf ~/rt-5gms-application-function/install/var/cache/rt-5gms/af/certificates
  3. Start the Application Function:

    ~/rt-5gms-application-function/install/bin/open5gs-msafd
  4. Create a single Provisioning Session:

    ~/rt-5gms-application-function/install/bin/m1-session new-provisioning-session -e MyAppId -a MyASPId
  5. Create the hosting configuration:

    ~/rt-5gms-application-function/install/bin/m1-session set-stream -p ${provisioning_session_id} ~/rt-5gms-application-function/examples/ContentHostingConfiguration_Big-Buck-Bunny_pull-ingest.json

    Where ${provisioning_session_id} is the provisioning session id of the session that was created in the previous step.

  6. Check the provisioning session configuration:

    ~/rt-5gms-application-function/install/bin/m1-session list -v

    This will display the provisioning session created, showing no certificates and the details from the example ContentHostingConfiguration.

    For example:

    2ef78712-c9a0-41ed-ac37-f9964ab0d12a:
      Certificates:
      ContentHostingConfiguration:
        Name: Big Buck Bunny
        Entry Point Path: BigBuckBunny_4s_onDemand_2014_05_09.mpd
        Ingest:
            Type: urn:3gpp:5gms:content-protocol:http-pull-ingest
            URL: https://ftp.itec.aau.at/datasets/DASHDataset2014/BigBuckBunny/4sec/
        Distributions:
          - URL: http://localhost/m4d/provisioning-session-2ef78712-c9a0-41ed-ac37-f9964ab0d12a/
            Canonical Domain Name: localhost
    

Note: The m1-session new-stream command is a convience command that will create a provisioning session, generate the ContentHostingConfiguration and set it in the newly created provisioning session. The above can also be done using:

~/rt-5gms-application-function/install/bin/m1-session new-stream -e MyAppId -a MyASPId -n 'Big Buck Bunny' 'https://ftp.itec.aau.at/datasets/DASHDataset2014/BigBuckBunny/4sec/' 'BigBuckBunny_4s_onDemand_2014_05_09.mpd'

Add a Content Hosting Configuration which uses an existing certificate

  1. Stop the Application Function if it is already running.

  2. Remove previous configurations:

    rm -rf ~/rt-5gms-application-function/install/var/cache/rt-5gms/af/certificates
  3. Start the Application Function:

    ~/rt-5gms-application-function/install/bin/open5gs-msafd
  4. Create a single Provisioning Session:

    ~/rt-5gms-application-function/install/bin/m1-session new-provisioning-session -e MyAppId -a MyASPId
  5. Create a certificate:

    ~/rt-5gms-application-function/install/bin/m1-session new-certificate -p ${provisioning_session_id}

    Where ${provisioning_session_id} is the provisioning session id of the session that was created in the previous step.

  6. Generate a ContentHostingConfiguration using the certificate:

    sed "s/@certificate-id@/${certificate_id}/g" ~/rt-5gms-application-function/examples/ContentHostingConfiguration_Big-Buck-Bunny_pull-ingest_https.json.tmpl > chc.json

    Where ${certificate_id} is the certificate id of the certificate created in the previous step.

  7. Create the hosting configuration using the generated ContentHostingConfiguration:

    ~/rt-5gms-application-function/install/bin/m1-session set-stream -p ${provisioning_session_id} chc.json

    Where ${provisioning_session_id} is the provisioning session id of the session that was created in step 4.

  8. Check the provisioning session configuration:

    ~/rt-5gms-application-function/install/bin/m1-session list -v

    This will display the provisioning session created, showing no certificates and the details from the example ContentHostingConfiguration.

    For example:

    ed5079d6-c9a4-41ed-b2ad-41232d457177:
      Certificates:
        fbd05ddc-c9a4-41ed-b2ad-41232d457177:
          Serial = 186484472102456711697672477872825927418601662068
          Not before = 2023-03-23 18:03:15+00:00
          Not after = 2023-06-21 18:03:15+00:00
          Subject = C=GB,L=London,CN=localhost
                    key=8A:C2:9A:48:15:6A:15:BB:EE:B7:A0:9E:07:7C:CB:A4:CF:7C:51:F5
          Issuer = C=GB,L=London,CN=localhost
                   key=8A:C2:9A:48:15:6A:15:BB:EE:B7:A0:9E:07:7C:CB:A4:CF:7C:51:F5
          Subject Alternative Names:
            DNS:localhost
      ContentHostingConfiguration:
        Name: Big Buck Bunny
        Entry Point Path: BigBuckBunny_4s_onDemand_2014_05_09.mpd
        Ingest:
            Type: urn:3gpp:5gms:content-protocol:http-pull-ingest
            URL: https://ftp.itec.aau.at/datasets/DASHDataset2014/BigBuckBunny/4sec/
        Distributions:
          - URL: https://localhost/m4d/provisioning-session-ed5079d6-c9a4-41ed-b2ad-41232d457177/
            Canonical Domain Name: localhost
            Certificate: fbd05ddc-c9a4-41ed-b2ad-41232d457177
    

Note: The m1-session new-stream command is a convience command that will create a provisioning session, generate the ContentHostingConfiguration and set it in the newly created provisioning session. The above configuration with the m1-session tool can also be done using this single command instead:

~/rt-5gms-application-function/install/bin/m1-session new-stream -e MyAppId -a MyASPId -n 'Big Buck Bunny' --ssl-only 'https://ftp.itec.aau.at/datasets/DASHDataset2014/BigBuckBunny/4sec/' 'BigBuckBunny_4s_onDemand_2014_05_09.mpd'
Clone this wiki locally