From fff8676a09ddba37da5fdacee491e5f24767dc2d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martynas=20Jusevi=C4=8Dius?= Date: Fri, 7 Feb 2025 14:09:51 +0100 Subject: [PATCH] README update --- README.md | 24 ++++++++++++++++++------ 1 file changed, 18 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 5bb9aa51a..74db7e798 100644 --- a/README.md +++ b/README.md @@ -57,19 +57,23 @@ It takes a few clicks and filling out a form to install the product into your ow OWNER_STATE_OR_PROVINCE=Denmark OWNER_COUNTRY_NAME=DK ``` - 3. Setup SSL certificates/keys by running this from command line (replace `$owner_cert_pwd` and `$secretary_cert_pwd` with your own passwords): - ``` - ./scripts/setup.sh .env ssl $owner_cert_pwd $secretary_cert_pwd 3650 + 3. Setup server's SSL certificates by running this from command line: + ```shell + ./scripts/server-cert-gen.sh .env nginx ssl ``` The script will create an `ssl` sub-folder where the SSL certificates and/or public keys will be placed. 4. Launch the application services by running this from command line: - ``` + ```shell docker-compose up --build ``` It will build LinkedDataHub's Docker image, start its container and mount the following sub-folders: + - `ssl` + * `owner` stores root owner's WebID certificate, keystore, and public key + * `secretary` stores root application's WebID certificate, keystore, and public key + * `server` stores the server's certificate (also used by nginx) - `data` where the triplestore(s) will persist RDF data - `uploads` where LDH stores content-hashed file uploads - The first should take around half a minute as datasets are being loaded into triplestores. After a successful startup, the last line of the Docker log should read something like: + It should take up to half a minute as datasets are being loaded into triplestores. After a successful startup, the last line of the Docker log should read something like: ``` linkeddatahub_1 | 09-Feb-2021 14:18:10.536 INFO [main] org.apache.catalina.startup.Catalina.start Server startup in [32609] milliseconds ``` @@ -78,7 +82,15 @@ It takes a few clicks and filling out a form to install the product into your ow - Mozilla Firefox: `Options > Privacy > Security > View Certificates... > Import...` - Apple Safari: The file is installed directly into the operating system. Open the file and import it using the [Keychain Access](https://support.apple.com/guide/keychain-access/what-is-keychain-access-kyca1083/mac) tool (drag it to the `local` section). - Microsoft Edge: Does not support certificate management, you need to install the file into Windows. [Read more here](https://social.technet.microsoft.com/Forums/en-US/18301fff-0467-4e41-8dee-4e44823ed5bf/microsoft-edge-browser-and-ssl-certificates?forum=win10itprogeneral). - 6. Open **https://localhost:4443/** in that web browser + 6. For authenticated API access use the `ssl/owner/cert.pem` HTTPS client certificate. + If you are running Linux with user other than `root`, you might need to fix the certificate permissions because Docker bind mounts are owned by `root` by default. For example: + ```shell + sudo setfacl -m u:$(whoami):r ./ssl/owner/* + ``` + 7. Open **https://localhost:4443/** in the web browser or use `curl` for API access, for example: + ```shell + curl -k -E ./ssl/owner/cert.pem: -H "Accept: text/turtle" 'https://localhost:4443/' + ``` ### Notes