[Checkins] SVN: keas.kmi/trunk/ Update docs.
Marius Gedminas
marius at pov.lt
Thu Sep 4 16:40:35 EDT 2008
Log message for revision 90836:
Update docs.
Changed:
U keas.kmi/trunk/CHANGES.txt
U keas.kmi/trunk/README.txt
-=-
Modified: keas.kmi/trunk/CHANGES.txt
===================================================================
--- keas.kmi/trunk/CHANGES.txt 2008-09-04 20:35:31 UTC (rev 90835)
+++ keas.kmi/trunk/CHANGES.txt 2008-09-04 20:40:34 UTC (rev 90836)
@@ -5,7 +5,14 @@
0.2.0 (unreleased)
------------------
+- Sample server shows how to enable SSL
+- Command-line client for testing a remote Key Management Server
+
+- Bugfix: LocalKeyManagementFacility was broken (AttributeError: 'RESTClient'
+ object has no attribute 'POST')
+
+
0.1.0 (2008-09-03)
------------------
Modified: keas.kmi/trunk/README.txt
===================================================================
--- keas.kmi/trunk/README.txt 2008-09-04 20:35:31 UTC (rev 90835)
+++ keas.kmi/trunk/README.txt 2008-09-04 20:40:34 UTC (rev 90836)
@@ -12,11 +12,19 @@
$ wget https://localhost:8080/new -O kek.dat --ca-certificate sample.pem
+or, if you want a more convenient tool::
+
+ $ ./bin/testclient https://localhost:8080/new -n > kek.dat
+
The data encryption key can now be retrieved by posting the KEK to another
URL::
$ wget https://localhost:8080/key --header 'Content-Type: text/plain' --post-file kek.dat -O datakey.dat --ca-certificate sample.pem
+or ::
+
+ $ ./bin/testclient https://localhost:8080/new -g kek.dat > datakey.dat
+
Note: To be compliant, the server must use an encrypted communication channel
of course. The ``--ca-certificate`` tells wget to trust the sample self-signed
certificate included in the keas.kmi distribution; you'll want to generate a
More information about the Checkins
mailing list