-
Notifications
You must be signed in to change notification settings - Fork 7
Home
Fraser Scott edited this page Jan 21, 2015
·
1 revision
Initalise the Org
$ pki.io init test-org
Creating Org entity
Generating Org keys
Creating public copy of org to save locally
Creating org index
Creating Admin entity
Saving admin
Saving org data
Everything else is done in the Org.
$ cd test-org
Create a pairing key associated with some tags
$ pki.io pairing-key new --tags web,db
Pairing ID: 54c035db-f976-29b6-fbf0-75413945ffee
Pairing key: 61dcaf3ae8a6d91ecaf909816967364a
Create a CA associated with one of the tags
$ pki.io ca new web-ca --tags web
Creating new CA
Saving CA
Updating index
And another one, just for fun
$ pki.io ca new db-ca --tags db
Creating new CA
Saving CA
Updating index
Create a node using the pairing key. We could also easily use a for loop to bulk create a load of servers of the same type
$ pki.io node new server1 --pairing-id 54c035db-f976-29b6-fbf0-75413945ffee --pairing-key 61dcaf3ae8a6d91ecaf909816967364a
Creating new node
Generating node keys
Saving node config
Creating public registration document
Pushing public document to org
Saving node
Creating CSRs
Creating new CSR
Saving local CSR
...
Pushing public CSR
Have the org process any new nodes
$ pki.io org register-nodes
Registering nodes
Found 1 nodes to register
Found 0 nodes to register
Now process any new certs for the node
$ pki.io node process-certs --name server1
Found 2 certs to process
Found 1 certs to process
Found 0 certs to process
Creating CSRs
Creating new CSR
Saving local CSR
Pushing public CSR
Creating new CSR
Saving local CSR
Pushing public CSR
Just confirm we have a cert. This ux is messy as you have to magically know the cert id.
$ pki.io node show --name server1 --cert 54c03652-80ae-4e1f-c1ff-4ae63ee3b99b
Certificate:
-----BEGIN CERTIFICATE-----
MIIDBTCCAe+gAwIBAgIQVMA2aVSESkJw5VqM5yX9zjALBgkqhkiG9w0BAQswEDEO
MAwGA1UEAxMFZGItY2EwHhcNMTUwMTIxMjMyOTQ1WhcNMjAwNjI2MjIyOTQ1WjAS
MRAwDgYDVQQDEwdzZXJ2ZXIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
...
0JW7SSOGDZxvR8wCJUun+kv6oAeSiDDnNbwozE8zOusP0I4KyPA0H2R2No6TROLi
2XQARF4lqW0V
-----END CERTIFICATE-----
Private Key:
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAtmwETE4i4AtPPRPPc4MTf8wB/V3lrxukk6W2lkT0smkzNfOz
rJAup277oEqbS+5XK3OMZuzJhcSDhx0JoseVPWliVK1HFjUSK0xo+e9AgS+TRpV7
KTXWforvQ7+p4hKXwCC2Jgmi4Vp13VQGMOwi9rwabBACyPxfSZZBhtPGPfe4RQAQ
...
DkaSdqZUGm3kvjVRb4MQTisFljgF+L6kEyJh6TP383Pz+ypWocpozyytiTI1DgJn
0mYhjyNG+KcpiUUG1khIjFqw1x76Oes+dyk8BxWdUv7N67NZ9zws
-----END RSA PRIVATE KEY-----