Skip to content

Latest commit

 

History

History
55 lines (40 loc) · 1.73 KB

README.md

File metadata and controls

55 lines (40 loc) · 1.73 KB

Shaka Lab Cert Receiver

The Shaka Lab Cert Receiver package creates a service account to receive certificates generated by the Shaka Lab Cert Generator package. This simplifies the scenario that we are in with Shaka, where we need to generate TLS certificates for HTTPS-based testing, but they have to be generated in one place (Google Compute Engine) and consumed elsewhere (in our lab).

For more details, see the shaka-lab-cert-generator package.

This package is available for Linux only.

Pre-requisites

It is assumed that:

  1. You have installed shaka-lab-cert-generator elsewhere.
  2. The device running shaka-lab-cert-generator has a way to SSH into the device running shaka-lab-cert-reciever.
  3. The device running shaka-lab-cert-receiver will host the tests, e.g. with shaka-lab-github-runner.

Installation

curl -L https://shaka-project.github.io/shaka-lab/public.key | \
    sudo tee /etc/apt/trusted.gpg.d/shaka-lab.asc
echo deb https://shaka-project.github.io/shaka-lab/ stable main | \
    sudo tee /etc/apt/sources.list.d/shaka-lab.list
sudo apt update

sudo apt -y install shaka-lab-cert-receiver

SSH Authorization

To allow the shaka-lab-cert-generator package to automatically transfer the certificates to this device, you must authorize it to do so. After installation of both packages, as root, edit /opt/shaka-lab/shaka-lab-cert-receiver/.ssh/authorized_keys and paste the contents of the other device's /opt/shaka-lab/shaka-lab-cert-generator/cert-host-id.pub.

Updates

sudo apt update && sudo apt -y upgrade

Uninstallation

sudo apt remove -y shaka-lab-cert-receiver