diff options
author | Ulf Wiger <ulf@wiger.net> | 2016-02-09 20:43:26 +0100 |
---|---|---|
committer | Ulf Wiger <ulf@wiger.net> | 2016-02-09 20:43:26 +0100 |
commit | 83e57a5094f212caca239b33f4b4e120e10c8fa9 (patch) | |
tree | 63de4b41d4bcc29799277cb35be3445ad7a03b61 /doc | |
parent | 61da41665b77570cd4d5febefc595cf3ea028817 (diff) | |
parent | a3c08b3eea427c2f14a184ecdcab57b6cb3840cc (diff) | |
download | rvi_core-83e57a5094f212caca239b33f4b4e120e10c8fa9.tar.gz |
Merge pull request #74 from magnusfeuer/develop
Develop
Diffstat (limited to 'doc')
-rw-r--r-- | doc/rvi_protocol.md | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/doc/rvi_protocol.md b/doc/rvi_protocol.md index 68cb818..134c67e 100644 --- a/doc/rvi_protocol.md +++ b/doc/rvi_protocol.md @@ -250,7 +250,7 @@ The self signed root certificate used in the examples throughout this document was generated using the following commands: ```Shell -# Create root key and cert signing request +# Create root key pair openssl genrsa -out insecure_root_key.pem 1024 # Create a self-signed root CA certificate, signed by the root key created above @@ -278,7 +278,7 @@ ZA2UwSzj67PBc5umDIAlhVRMX0zH/gLj54rfIkH5zLk= -----END RSA PRIVATE KEY----- ``` -The root key above is checked in as ```priv/sample_keys/insecure_root_key.pem```. +The root key above is checked in as ```priv/keys/insecure_root_key.pem```. The content of the sample ```insecure_root_cert.crt``` file is: @@ -300,7 +300,7 @@ mVrUm0lY/n2ilJQ1hzBZ9lFLq0wfjw== -----END CERTIFICATE----- ``` -The root certificate above is checked in as ```priv/sample_certificates/insecure_root_key.pem```. +The root certificate above is checked in as ```priv/certificates/insecure_root_cert.crt```. **DO NOT USE THE KEYS AND CERTIFICATES ABOVE IN PRODUCTION!<br> @@ -315,10 +315,10 @@ was generated with the following command: # Create the device key. In production, increase the bit size to 4096+ openssl genrsa -out insecure_device_key.pem 1024 -# Create a certificate signing requestsigning request +# Create a certificate signing request openssl req -new -key insecure_device_key.pem -out insecure_device_cert.csr -# Sign the signing request and creaqte the root_cert.crt file +# Sign the signing request and create the insecure_device_cert.crt file openssl x509 -req -days 365 -in insecure_device_cert.csr \ -CA insecure_root_cert.crt -CAkey insecure_root_key.pem \ -set_serial 01 -out insecure_device_cert.crt @@ -368,7 +368,7 @@ PwSMHih1bsTRpyY5Z3CUDcDJkYtVbYs= -----END CERTIFICATE----- ``` -These files are checked into ```priv/sample_certifcates``` and ```priv/sample_keys```. +These files are checked into ```priv/certifcates``` and ```priv/keys```. **DO NOT USE THE KEYS AND CERTIFICATES ABOVE IN PRODUCTION!<br> ANY PRODUCTION KEYS SHOULD BE GENERATED BY THE ORGANIZATION AND BE 4096 BITS LONG.** @@ -472,7 +472,7 @@ Parameter | Required | Description --stop | No | The Unix timestamps when the credential becomes inactive. The generated ```insecure_credential.json``` -and ```insecure_credential.jwt``` are checked into ```priv/sample_credentials```. +and ```insecure_credential.jwt``` are checked into ```priv/credentials```. # DOCUMENTATION ENDS HERE. EVERYTHING BELOW IS RESIDUAL |