. '''To [[SystemAdministration/Systems|Systems Overview]]''' - '''To Software''' '''[[Software|Software]]''' - '''To Software-Assessment - ''' '''[[Software/Assessment|Software/Assessment]]'''
. To '''[[Software/Assessment/Documentation|Software Asessment Documentation Overview]]'''
----
= Testserver Setup and technical details =
This is a reverse engineering notepad on how the Testserver test.cacert.org has been set up.
<<TableOfContents>>
== Signer ==
The OpenSSL config files in /etc/ssl should be adjusted: crlDistributionPoints, authorityInfoAccess, ...
The Testserver keys have to be provided for download.
== Signer Client ==
ToDo
== Testmgr ==
ToDo
== Blog ==
pages/index/feed.rss get displayed as Latest news on the startpage. Sample page:
{{{
<?xml version="1.0" encoding="UTF-8"?><!-- generator="WordPress/2.5.1" -->
<rss version="0.92">
<channel>
<title>CAcert NEWS Blog</title>
<link>http://blog.cacert.org</link>
<description>CAcert NEWS and up coming events.</description>
<lastBuildDate>Fri, 20 Aug 2010 11:54:30 +0000</lastBuildDate>
<docs>http://backend.userland.com/rss092</docs>
<language>en</language>
<item>
<title>Looking for confirmation email on creating account?</title>
<description>Please go to https://ca-mgr1.it-sls.de/login login with your just created account and password. Under MAIL you'll find your individual confirmation email.
</description>
<link>https://ca-mgr1.it-sls.de/testsystemdoc.html</link>
</item>
</channel>
</rss>
}}}
== Mail ==
The testserver runs a postfix MTA and a dovecot IMAP server.
It looks like all(?) mails sent by the CAcert website installation are redirected into a single IMAP mailbox. The [[Software/Assessment/TestserverManagementSystem|TestManager]] then accesses this mailbox and filters them for the mails to be shown to the logged in user.
The redirection is achieved by this directive in /etc/postfix/main.cf:
{{{
virtual_alias_maps = regexp:/etc/postfix/virtual.regexp
}}}
with virtual.regexp containing
{{{
/.*/ cacertmail
}}}
== CATS ==
It is not essential to set up a CATS server, since passed tests can be created by the TestMgr.
== Changes to the release branch ==
Currently some files of the cacert-devel release branch have to be changed to set up the testserver.<<FootNote(The necessary changes should be included in the Git branch testserver-mods, but since such branches get somewhat outdated as time passes I'm trying to describe the changes in text form.)>>
Note that all those settings should go into a "configuration file" in the future, so that the release branch can be used for a testserver, with all necessary changes included only in config files.
* different logo: www/images/cacert4.png
* different default style: www/styles/default.css
* CommModule/client.pl has to be set up to us ea different serial port, currently "dev/ttyS1". Note that the server uses "dev/ttyS0"
* a matching serial.conf for this dev/ttyS1 is needed
* the production server uses a real USB tty, the test servers use pseudo regular ttys coupled by socat.
* the directories crt and csr must be writeably ba the webserver, usually by making changing their group to "www-data" and adding the group writeable flag (chmod -R g+w crt csr)
* place the testserver certificates in www/certs
* add the pseudo RSS feed pages/index/feed.rss
* add the testserver's GPG keys: www/certs/cacert.asc
* change the IP address of the CATS server in www/cats/cats_import.php
* Add softlinks www/cacert1-revoke.crl to revoke.crl and www/cacert1-class-3-revoke.crl to class-3-revoke.crl<<FootNote("Work around CRLs redirecting to crl.cacert.org", I don't yet understand this...)>>
Not in the repository:
* includes/mysql.php
= Footnotes =
<<FootNote>>
----
. CategorySystems
. CategorySoftware
. CategorySoftwareAssessment
. CategorySoftwareAssessmentDocumentation