[Nfd-dev] Moving certs around
Junxiao Shi
shijunxiao at email.arizona.edu
Sun Sep 11 18:06:17 PDT 2016
Hi Jeff
It's not recommended to copy private keys across machines. The best
practice is to request a different certificate for each machine.
With that being said, ndnsec-export can write a key pair (certificate and
private key) into a file protected by a password. This file can then be
copied to another machine, and installed via ndnsec-import command. These
commands must be called with "-p" option (to include private key); they are
useless otherwise (returns an error).
An example of using these commands is in
https://yoursunny.com/t/2016/nfd-prefix/ "where's the key chain" section.
"sudo HOME=/var/lib/ndn/nfd -u ndn" portion is used to select PPA NFD's key
chain, and you should omit this part if you are dealing with user's key
chain.
Yours, Junxiao
On Sun, Sep 11, 2016 at 12:50 PM, Burke, Jeff <jburke at remap.ucla.edu> wrote:
> Hi folks,
>
>
>
> Are there any instructions around on the best/easiest way to move or copy
> NDN certs (including the private key) from system to system, especially
> from MacOS to/from tpm-based stores? (I have a sort of painful method
> worked out, but was hoping for something easier.)
>
>
>
> Thanks,
>
> Jeff
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.lists.cs.ucla.edu/pipermail/nfd-dev/attachments/20160911/a6a5f425/attachment.html>
More information about the Nfd-dev
mailing list