1
0
Fork 0
cacert-devsetup/README.md
2020-12-22 08:49:18 +01:00

1.8 KiB

CAcert local development setup

This repository contains a local development environment setup for the CAcert software.

Prerequisites

sudo apt-get update
sudo apt-get install docker.io openssl myrepos
sudo adduser $USER docker
newgrp docker
python3 -m pip install --user -U docker-compose
# make sure that ~/.local/bin is in $PATH 

Usage

git clone https://git.dittberner.info/jan/cacert-devsetup.git
cd cacert-devsetup
mr checkout

Create a .env file that defines the following variables

Variable Usage
MYSQL_ROOT_PASSWORD Database root password
MYSQL_APP_USER Database application user
MYSQL_APP_PASSWORD Database application password
CLIENT_CERT_EMAIL email address for client certificate generated by setup_test_ca.sh
CLIENT_CERT_USERNAME user name for client certificate generated by setup_test_ca.sh
CLIENT_CERT_PASSWORD PKCS#12 keystore password for client certificate generated by setup_test_ca.sh
echo -e "MYSQL_ROOT_PASSWORD=$(openssl rand -base64 18)\nMYSQL_APP_USER=cacert_dev\nMYSQL_APP_PASSWORD=$(openssl rand -base64 18)" > .env
./setup_test_ca.sh
docker-compose up

After these steps you should be able to reach the CAcert application at https://test.cacert.localhost:8443/. The test manager application is reachable at https://mgr.cacert.localhost:9443/.

A client certificate is created by setup_test_ca.sh and is placed in testca/certs/clientcert.p12 which can be imported in a browser to support client certificate authentication.