<!-- -*- markdown -*- -->

Setting up a minimal system
===========================

To setup a minimal system, first make sure you have the "Requirements"
from README.md and then do:

    make
    make release


Removing files from your previous session
---------------------------------------

    rm -f /tmp/cert1-sct
    rm -rf /tmp/testcert1


Setting up the environment
----------------------

    mkdir /tmp/testcert1
    make tests-prepare

This will configure the servers to run on 127.0.0.1 port 8080, 8081,
and 8082. If you want to change that, change the configuration files
`test/*.cfg`.

Starting the servers
--------------------

    make tests-start

Submitting certificates
-----------------------

    tools/submitcert.py --store tools/testcerts/cert1.txt \
        --check-sct --sct-file=/tmp/cert1-sct https://127.0.0.1:8080/

This submits the certificate (in PEM format) in the file
`tools/testcerts/cert1.txt` and appends the resulting SCT to the file
`/tmp/cert1-sct`. It also checks the signature of the SCT.

If you want to submit all the files in a directory, name directory
with a `/` at the end, for example `tools/testcerts/`.


Running merge
-------------

To run merge once, do

    tools/merge --config test/catlfish-test.cfg
        --localconfig test/catlfish-test-local-merge.cfg

This will read the submitted certificates from the storage node,
decide the order, and publish the certificates to the frontend server.

If you want to run merge continuously, use `--mergeinterval' or run
the merge command in a while loop. See
`catlfish-dockerfiles/catlfish-dev/merge.sh` for an example of the
latter.

Verifying SCT:s
---------------

    tools/verifysct.py --sct-file /tmp/cert1-sct \
        --publickey=tests/keys/logkey.pem \
        --cafile tests/httpsca/demoCA/cacert.pem \
        https://127.0.0.1:8080/

This verifies that all the certs corresponding to the SCT:s in the
file `/tmp/cert1-sct` are actually present in the log.

Running a monitor
-----------------
An easy way to run a monitor is:

    while true; do
        ./fetchallcerts.py --store /tmp/testcert1 \
            --write-sth https://127.0.0.1:8080/;
        sleep 10
    done

This will fetch all the certificates in a log, verify the consistency
proof between the old and new versions, and save the new STH.

Stopping the system
-------------------

    make tests-stop

It is important that the system is stopped before running `make
release` again, or the release build will fail.