diff options
Diffstat (limited to 'base/kra/functional/drmclient.readme.txt')
-rw-r--r-- | base/kra/functional/drmclient.readme.txt | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/base/kra/functional/drmclient.readme.txt b/base/kra/functional/drmclient.readme.txt new file mode 100644 index 000000000..833c5ce3c --- /dev/null +++ b/base/kra/functional/drmclient.readme.txt @@ -0,0 +1,50 @@ +Running drmclient.py: + +The python drmclient currently requires a little setup to be run. + +1. Create a working directory - the code uses /tmp/drmtest +2. In that directory, create an NSS database. In this doc, we will use the + password redhat123 as the password for the NSS db. + + certutil -N -d /tmp/drmtest + +3. Add a password file /tmp/drmtest/pwdfile.txt. It should contain the password for + the NSS database. + +4. Put the transport certificate in a file /tmp/drmtest/transport.crt in binary format. + + certutil -L -d /var/lib/pki-kra/alias -n "DRM Transport Certificate" -a > /tmp/drmtest/transport.asc + AtoB /tmp/drmtest/transport.asc /tmp/drmtest/transport.crt + +5. Import the transport certificate into the certificate databse in /tmp/drmtest. + certutil -A -d /tmp/drmtest -n "DRM Transport Certificate" -i /tmp/drmtest/transport.asc + +5. Run GeneratePKIArchiveOptions to generate some test data. Specifically we will be + using it to generate a symmetric key and its associated PKIArchoveOptions structure + to be archived. + + GeneratePKIArchiveOptions -k /tmp/drmtest/symkey.out -w redhat123 -t /tmp/drmtest -o /tmp/drmtest/options.out + +6. Run the python code. You will likely need some python modules - python-lxml, python-nss + and ipapython. + + The code has the following usage: + +usage: drmclient.py [-h] [-d WORK_DIR] [--options OPTIONS_FILE] + [--symkey SYMKEY_FILE] [--host KRA_HOST] [-p KRA_PORT] + [-n KRA_NICKNAME] + +Sample Test execution + +optional arguments: + -h, --help show this help message and exit + -d WORK_DIR Working directory + --options OPTIONS_FILE + File containing test PKIArchiveOptions to be archived + --symkey SYMKEY_FILE File containing test symkey + --host KRA_HOST DRM hostname + -p KRA_PORT DRM Port + -n KRA_NICKNAME DRM Nickname + +For example: +python pki/base/kra/functional/drmclient.py -d /tmp/drmtest -p 10200 -n "DRM Transport Certificate - alee eclipse domain 2" |