Skip to content

docs: installation#94

Open
naftis wants to merge 4 commits intomainfrom
installation-docs
Open

docs: installation#94
naftis wants to merge 4 commits intomainfrom
installation-docs

Conversation

@naftis
Copy link
Member

@naftis naftis commented Apr 22, 2025

Initial installation documentation. I added it here for starters, we will probably move these to Gitbook.

tahmidrahman-dsi
tahmidrahman-dsi approved these changes Apr 22, 2025
View reviewed changes
Copy link
Contributor

@tahmidrahman-dsi tahmidrahman-dsi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good. 👍🏼

@tahmidrahman-dsi
Copy link
Contributor

tahmidrahman-dsi commented Apr 22, 2025

Should we put id reader realated form configuration changes documented in this repo under /docs? @naftis

@naftis
Copy link
Member Author

naftis commented Apr 23, 2025
edited
Loading

@tahmidrahman-dsi You can either directly add them to Gitbook, or amend this pull request under /docs. I think we will move these both to Gitbook when we are ready, then Euan can proof read and amend. So I just made this for our convenience :D

naftis and others added 2 commits April 23, 2025 14:47
@naftis
chore: remove todo comments from would they throw
33a64ff 
I dont think they would throw as the verifyNid API is called on-demand and the file is opened on demand in MOSIPAuthenticator
@naftis
Update installation.md
4612bec
@naftis
Copy link
Member Author

naftis commented Apr 24, 2025
edited
Loading

@tahmidrahman-dsi

Some non-obvious documentation things:

  1. External validation workqueue needs to be enabled from country-config default settings
  2. FAQ
  • JWSSignatureVerificationFailed
  • Invalid RSAES-OAEP padding

@tahmidrahman-dsi
Copy link
Contributor

tahmidrahman-dsi commented Apr 25, 2025

@tahmidrahman-dsi

Some non-obvious documentation things:

  1. External validation workqueue needs to be enabled from country-config default settings

I'll continue amending if more comes into mind..

Please feel free to have a look @naftis https://app.gitbook.com/o/zub8C4BetmW3a9Bj4Cd4/s/esn2q91OsFQf7ZqR8thb/~/revisions/UpoFPVYrQo17nWTN7grd/setup/3.-installation/3.2-set-up-your-own-country-configuration/3.2.5-set-up-application-settings#id-1.-prepare-global-functional-settings
in the external validation workqueue section

The PR opencrvs/documentation#21
cc: @euanmillar

@naftis
Copy link
Member Author

naftis commented May 7, 2025
edited
Loading

Certificates

keystore.p12

  • What is it for?
  • How can you generate it?

ida-partner.crt

  • What is it for?
  • How can you generate it?

esignet-jwk.txt

  • What is it for?

Instructions for Linux / Mac / WSL

  1. Install Python library jwcrypto
pip install jwcrypto
  1. Generate a private key PEM
openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out private_key.pem

You might want to save this to a secure trusted place

For OpenCRVS

  1. Generate a Base64 private JWK from the PEM. This always produces the same result from the same private key, no need to save this.
python3 -c "from jwcrypto import jwk; k = jwk.JWK.from_pem(open('private_key.pem','rb').read()); k.use = 'sig'; k.alg = 'RS256'; print(k.export(private_key=True))" | base64

For MOSIP

  1. Generate a public JWK from the PEM. Also always produces same result.
python3 -c "from jwcrypto import jwk; k = jwk.JWK.from_pem(open('private_key.pem','rb').read()); k.use = 'sig'; k.alg = 'RS256'; print(k.export(private_key=False))"

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tahmidrahman-dsi tahmidrahman-dsi tahmidrahman-dsi approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@naftis @tahmidrahman-dsi