<!-- -*- markdown -*- -->

Setting up a minimal system

To setup a minimal system, first make sure you have the "Requirements"
from README.md and then do:

    make release

Removing files from your previous session

    rm -f /tmp/cert1-sct
    rm -rf /tmp/testcert1

Setting up the environment

    mkdir /tmp/testcert1
    make tests-prepare

This will configure the servers to run on port 8080, 8081,
and 8082. If you want to change that, change the configuration files

Starting the servers

    make tests-start

Submitting certificates

    tools/submitcert.py --store tools/testcerts/cert1.txt \
        --check-sct --sct-file=/tmp/cert1-sct

This submits the certificate (in PEM format) in the file
`tools/testcerts/cert1.txt` and appends the resulting SCT to the file
`/tmp/cert1-sct`. It also checks the signature of the SCT.

If you want to submit all the files in a directory, name directory
with a `/` at the end, for example `tools/testcerts/`.

Running merge once

    tools/merge.py --config test/catlfish-test.cfg
        --localconfig test/catlfish-test-local-merge.cfg

This will read the submitted certificates from the storage node,
decide the order, and publish the certificates to the frontend server.

If you want to run the system continuously, run the merge command in
cron or in a while loop. See `packaging/docker/catlfish-dev/merge.sh`
for an example of the latter.

Verifying SCT:s

    tools/verifysct.py --sct-file /tmp/cert1-sct \
        --publickey=tests/keys/logkey.pem \
        --cafile tests/httpsca/demoCA/cacert.pem \

This verifies that all the certs corresponding to the SCT:s in the
file `/tmp/cert1-sct` are actually present in the log.

Running a monitor
An easy way to run a monitor is:

    while true; do
        ./fetchallcerts.py --store /tmp/testcert1 \
        sleep 10

This will fetch all the certificates in a log, verify the consistency
proof between the old and new versions, and save the new STH.

Stopping the system

    make tests-stop

It is important that the system is stopped before running `make
release` again, or the release build will fail.