[Nfd-dev] certificate for interacting with NDN testbed
Junxiao Shi
shijunxiao at email.arizona.edu
Fri Jun 3 14:57:45 PDT 2022
Hi Nikos
Prefix propagation feature uses the default certificate of an identity to
sign the commands.
Currently your default certificate is a self signed certificate:
/ndn/gr/edu/mmlab1/aueb/second22/KEY/%A3%F3%F7%8F%20%
077%84/self/v=1654290874758
You need to set the obtained certificate as the default:
/ndn/gr/edu/mmlab1/aueb/second22/KEY/%A3%F3%F7%8F%20%077%84/NDNCERT/v=1654290901284
You may change the default with `ndnsec set-default` command.
Also, don't forget to serve the certificates with ndn6-serve-certs.
You can export your own certificate with:
ndnsec cert-dump
/ndn/gr/edu/mmlab1/aueb/second22/KEY/%A3%F3%F7%8F%20%077%84/NDNCERT/v=1654290901284
> 0.ndncert
You can retrieve an intermediate certificate with:
ndnpeek -Pf /ndn/gr/edu/mmlab1/KEY/%F7%9C%E4%D3gL%A2%21 | base64 > 1.ndncert
Right after you retrieve those certificates, they will be in the router
cache so that your end host won't be asked for them.
However, serving them locally would become useful when you attempt to
connect to a different router.
Yours, Junxiao
On Fri, Jun 3, 2022 at 17:36 Nikos Fotiou via Nfd-dev <
nfd-dev at lists.cs.ucla.edu> wrote:
> Nevertheless, when I advertise the prefix now I receive:
>
> “failure authorization rejected”
>
>
>
> This is the output of ndnsec-list -vvv
>
> /ndn/gr/edu/mmlab1/aueb/second22
>
> +->* /ndn/gr/edu/mmlab1/aueb/second22/KEY/%A3%F3%F7%8F%20%077%84
>
> +->*
> /ndn/gr/edu/mmlab1/aueb/second22/KEY/%A3%F3%F7%8F%20%077%84/self/v=1654290874758
>
> Certificate Name:
>
>
> /ndn/gr/edu/mmlab1/aueb/second22/KEY/%A3%F3%F7%8F%20%077%84/self/v=1654290874758
>
> Public Key:
>
> Key Type: 256-bit EC
>
>
> MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEn/rAURbPdsUqj/7u6xN05O81A6Jt
>
> yWrcljlhxzLrVP+WC5cniRGg22rzREDRL1GTXWd5LM1PVoI640Ix2cUEXA==
>
> Validity:
>
> Not Before: 2022-06-03T21:14:34
>
> Not After: 2042-05-29T21:14:34
>
> Signature Information:
>
> Signature Type: SignatureSha256WithEcdsa
>
> Key Locator:
> Name=/ndn/gr/edu/mmlab1/aueb/second22/KEY/%A3%F3%F7%8F%20%077%84
>
> Self-Signed: yes
>
> +->
> /ndn/gr/edu/mmlab1/aueb/second22/KEY/%A3%F3%F7%8F%20%077%84/NDNCERT/v=1654290901284
>
> Certificate Name:
>
>
> /ndn/gr/edu/mmlab1/aueb/second22/KEY/%A3%F3%F7%8F%20%077%84/NDNCERT/v=1654290901284
>
> Public Key:
>
> Key Type: 256-bit EC
>
>
> MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEn/rAURbPdsUqj/7u6xN05O81A6Jt
>
> yWrcljlhxzLrVP+WC5cniRGg22rzREDRL1GTXWd5LM1PVoI640Ix2cUEXA==
>
> Validity:
>
> Not Before: 2022-06-03T21:14:35
>
> Not After: 2022-06-18T21:14:34
>
> Signature Information:
>
> Signature Type: SignatureSha256WithEcdsa
>
> Key Locator: Name=/ndn/gr/edu/mmlab1/KEY/%F7%9C%E4%D3gL%A2%21
>
>
>
> * /localhost/operator
>
> +->* /localhost/operator/KEY/%0EC%3B%C8%B0%98%1D%06
>
> +->*
> /localhost/operator/KEY/%0EC%3B%C8%B0%98%1D%06/self/v=1654289508625
>
> Certificate Name:
>
>
> /localhost/operator/KEY/%0EC%3B%C8%B0%98%1D%06/self/v=1654289508625
>
> Public Key:
>
> Key Type: 256-bit EC
>
>
> MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAES6VWBfgXdEeWxs0j1JYsbfTmouzv
>
> 47cndijW+SGal49O6YfVWEO9+1XToummsWZPTAPUib7mgK2mtzBiaCpiRA==
>
> Validity:
>
> Not Before: 2022-06-03T20:51:48
>
> Not After: 2042-05-29T20:51:48
>
> Signature Information:
>
> Signature Type: SignatureSha256WithEcdsa
>
> Key Locator:
> Name=/localhost/operator/KEY/%0EC%3B%C8%B0%98%1D%06
>
> Self-Signed: yes
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.lists.cs.ucla.edu/pipermail/nfd-dev/attachments/20220603/36d8b4d3/attachment.html>
More information about the Nfd-dev
mailing list