]> git.saurik.com Git - apple/security.git/blame_incremental - SecurityTests/clxutils/dotMacTool/README
projects / apple / security.git / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
Security-57740.31.2.tar.gz
[apple/security.git] / SecurityTests / clxutils / dotMacTool / README
... / ...
CommitLineData
1dotMacTool notes May 4 2004
2
3-- for now you need this in /etc/hosts:
4
5# for INT2
617.207.20.182 int-cert certmgmt.mac.com certinfo.mac.com
7
8# or, for INT1
917.207.43.109 qa-cert certmgmt.mac.com certinfo.mac.com
10
11-- A good way to run tcpdump to show HTTP traffic on port 2150:
12
13 tcpdump -i en0 -s 0 -A -q tcp port 2150
14
15-- renew cert for existing account doug1 with password 123456:
16
17tower.local:dotMacTool> dotMacTool g -g -u doug1 -Z 123456 -k foobar -r -o /tmp/c2.pem
18<<<snip away debug logging>>>
19...cert acquisition complete
20...2496 bytes of Cert written to /tmp/c2.pem
21
22==============================================
23
24-- demo queued response and retrieval
25 -- set FORCE_SUCCESS_QUEUED to 1 in dotMacTpRpcGlue.cpp, this turns a full
26 success RPC into a successQueued RPC
27
28tower.local:dotMacTool> dotMacTool g -g -u doug1 -Z 123456 -k foobar -r -o /tmp/refid.pem
29<<<snip away debug logging>>>
30...Forcing REQ_QUEUED status
31...cert acquisition complete
32...105 bytes of Cert written to /tmp/refid.pem
33
34...then lookup....
35
36tower.local:dotMacTool> dotMacTool l -f /tmp/refid.pem -o /tmp/cert.pem
37<<<snip away debug logging>>>
38...cert retrieval complete
39...10010 bytes of cert data written to /tmp/cert.pem
40
41==============================================
42
43TO DO
44-----
45
46-- DOT_MAC_LOOKUP_ID_PATH* consts in dotMacTp.h will change to allow loopkup of one
47 specific cert
48-- DOT_MAC_SIGN_HOST_NAME and DOT_MAC_LOOKUP_HOST will change to avoid the port 2150
49
50..........
51
52Aug 10 testing
53
54-- use INT1 environment
55
56