Privakey Documentation

Welcome to Privakey's documentation pages. You'll find comprehensive documentation and guides to help you start working with Privakey as quickly as possible. If you can't find the help you need, feel free to reach out to support@privakey.com

Deployment

Prerequisites

An internet accessible server with:

  • Node 8.11
  • NPM, installed globally
  • OpenSSL
  • Firebase Project and Credential

    • Privakey uses Firebase by default for notification delivery. Support for other frameworks can be added if necessary
  • MySQL 5.7

    • With minimal support from Privakey other relational databases can be supported
  • SSL protected endpoints
    • If SSL is managed by the Node server (versus, for example, a load balancer or reverse proxy) SSL certificates will need to be acquired, stored and referenced in environment variables.

Database Installation

  1. Initialize the Database
    1. Create the database:
      1. Default Name: privakey_cx
      2. Create a user with read / write access to run initial scripts
      3. This user can also be used for Auth Service access; alternatively, you can create a distinct user for Auth Service access to the DB.
    2. Run DB Scripts
      1. Scripts are found in PrivakeyCX/sql directory
      2. Execute privakeycx.sql first. (items in this file should not be changed)
      3. Execute insert_constants.sql (items in this file should not be changed)
      4. Execute config_table_values.sql script.

Server Installation

  1. Copy the PrivakeyCX Auth Service distribution to the server.
  2. Run npm install --production from the project root.
  3. Generate a signing certificate on the Node server.
    From within the root of the PrivakeyCX directory, execute the following commands:

        openssl req -newkey rsa:2048 -nodes -keyout key.pem -x509 -days 1000 -out certificate.pem -sha256 -subj "/CN=localhost"

        openssl pkcs12 -inkey key.pem -in certificate.pem -export -out privakeyservice.pfx

  4. Review and set Config Values in config.json, found in the project's root directory:

| Key | Description |
| --- | --- |
| port | The port the service will run on. |
| logLevel | Options include: off, error, warn, info, verbose, debug or silly. |
| logName | Path and name of where the file should be generated, relative to project root. |
| maxRequestSize | Maximum overall size of the generateRequest object allowable. Recommended size: 2mb |
| signingCertPath | The path, relative to the project root, of the signing certificate generated in Step 2. |

Set up initial Environment Variables:

| Key | Value / Value Description |
| --- | --- |
| CERT_PW | The password for the certificate created in step 2. |
| OPENSSL_PATH | The path to the OpenSSL executable. This can normally be discovered by typing which openssl at a command prompt. |
| DATA_TYPE | mysql |
| DATA_HOST | Address of DB |
| DATA_PORT | Port for DB |
| DATA_USER | A MySQL user with read / write access to the DB set up in step 1 of the Database Installation. |
| DATA_PW | Password for DATA_USER |
| DATA_NAME | privakey_cx. Should not be changed unless the database script was modified with an alternate name. |
| CX_DATA_KEY | Any string used for data at rest encryption (primarily for challenge origin credential storage) |
| FIREBASE_CRED | |
| FIREBASE_DB | |
| USE_SSL | true if the application is managing SSL. Otherwise, false |
| SSL_KEY_PATH | Required if USE_SSL is true. ./cert/server.key is the recommended location / name for this key. |
| SSL_CERT_PATH | Required if USE_SSL is true. ./cert/server.crt is the recommended location / name for this file. |
| COMM_SERVER_URL | http://[server name]:[server port]/communication/send |
| COMM_SERVER_KEY | Generated during the bootstrapping process. See bootstrap the system |
| COMM_SERVER_ID | 2 |
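
A pre-flight check for the variables above, as an added example that is not part of Privakey's documentation or distribution. The function names and the PFX_PATH variable are hypothetical; the checks use only what the table states (DATA_TYPE is mysql, the SSL paths are required when USE_SSL is true), plus the assumptions that secrets must be non-empty and that key material should not be readable by group or other.

```shell
#!/bin/sh
# Added example, not Privakey code: pre-flight check of the environment
# variables described above. Prints one line per problem, nothing if clean.
# Assumption: PFX_PATH (hypothetical variable) locates privakeyservice.pfx.

# True when the file's mode grants any permission to group or other.
loose_perms() {
    [ "$(ls -ld "$1" | cut -c5-10)" != "------" ]
}

preflight_problems() {
    [ "${DATA_TYPE:-}" = "mysql" ] || echo "DATA_TYPE must be mysql"
    # Assumption: the secrets must be non-empty for the service to be safe.
    [ -n "${DATA_PW:-}" ] || echo "DATA_PW is empty"
    [ -n "${CX_DATA_KEY:-}" ] || echo "CX_DATA_KEY is empty"
    [ -n "${CERT_PW:-}" ] || echo "CERT_PW is empty"

    case "${USE_SSL:-}" in
        true)
            for var in SSL_KEY_PATH SSL_CERT_PATH; do
                eval "path=\${$var:-}"
                if [ -z "$path" ]; then
                    echo "$var is required when USE_SSL=true"
                elif [ ! -r "$path" ]; then
                    echo "$var points at an unreadable file: $path"
                fi
            done
            if [ -f "${SSL_KEY_PATH:-}" ] && loose_perms "$SSL_KEY_PATH"; then
                echo "SSL_KEY_PATH is accessible to group/other: chmod 600"
            fi
            ;;
        false) ;;  # TLS is terminated by a load balancer or reverse proxy
        *) echo "USE_SSL must be true or false" ;;
    esac

    # Confirm CERT_PW really opens the PFX exported in the signing-cert step.
    pfx="${PFX_PATH:-./privakeyservice.pfx}"
    if [ -f "$pfx" ] && [ -x "${OPENSSL_PATH:-}" ]; then
        "$OPENSSL_PATH" pkcs12 -in "$pfx" -noout -passin env:CERT_PW \
            >/dev/null 2>&1 || echo "CERT_PW does not open $pfx"
        if loose_perms "$pfx"; then
            echo "$pfx is accessible to group/other: chmod 600"
        fi
    fi
    return 0
}
```

Source the file in the shell that will start the service and run preflight_problems; CERT_PW must be exported for the openssl check to see it.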

You are now ready to bootstrap the system
