Skip to content

Latest commit

 

History

History

gnoi_target

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
 
 
 
 

gNOI Target

A shell binary that implements a gNOI Target supporting OS, Cert, Reset services and Simplified Bootstrapping.

Certificate Management service

This service provides a set of RPCs to Install, Rotate & Revoke Certificates and CA Bundles in a Target. See gNOI Cert proto definition for more.

OS service

This service provides RPCs to Install, Activate and Verify OS installation on a Target. See gNOI OS proto definition for more.

Reset service

This service provides an RPC to Start a factory reset of the Target. This includes resetting all certificates on the Target and setting it to bootstrapped mode. See gNOI Reset proto definition for more.

Bootstrapping mode

If no target certificate and key are provided this target starts in bootstrapping mode allowing any encrypted TLS connection to install certificates and CA bundles. For creating this encrypted connection this target automatically creates a private key and a default self signed Certificate.

Once a Certificate and a CA Certificate bundle is installed via the gNOI service the Target changes its connection to authenticated mode. In this mode, only authenticated TLS connections using the gNOI installed Certificates and CA bundle, are allowed.

Certificates and Key types supported

This Target currently only supports x509 Certificates and RSA Keys.

Install

go get github.com/google/gnxi/gnoi_target
go install github.com/google/gnxi/gnoi_target

Run

./gnoi_target \
  -bind_address :9339 \
  -reset_unsupported true \
  -zero_fill_unsupported true \
  -factoryOS_version 1.0.0b \
  -installedVersions 1.0.1a 2.0.3b