search

ome / omero-certificates

OMERO server certificate management plugin
https://www.openmicroscopy.org/omero
GNU General Public License v2.0
0 stars 7 forks source link

Update README for release #1

Closed manics closed 4 years ago

manics commented 4 years ago

Update travis URL and pip instructions

joshmoore commented 4 years ago

Can you also expand on this while you're here:

(py36) /opt/omero-py $ omero certificates --help
usage: /opt/anaconda/envs/py36/bin/omero certificates [-h] [--verbose]

OMERO server certificate management

Optional Arguments:
  In addition to any higher level options

  -h, --help          show this help message and exit
  --verbose, -v       Increase verbosity (can be used multiple times)

Including needed environment variables:

(py36) /opt/omero-py $ omero certificates
OMERODIR not set

And expected output (and the fact that config is changed):

(py36) /opt/omero-py $ omero certificates
OpenSSL 1.1.1d  10 Sep 2019
Generating RSA private key, 2048 bit long modulus (2 primes)
................................+++++
.............................................+++++
e is 65537 (0x010001)
manics commented 4 years ago

Updated. Travis hasn't been enabled on this repo yet.

joshmoore commented 4 years ago

Enabled. Re-opening.

manics commented 4 years ago

I've switched to omero.certificates. for all custom properties, removed setup.omero.certificates and updated the help message.

joshmoore commented 4 years ago

A. Currently no way to disable. I assume that's the intent?

B. Re-running still overwrites, which is ok?

(py36) /opt/ome9/dist $omero certificates
OpenSSL 1.1.1d  10 Sep 2019
Generating RSA private key, 2048 bit long modulus (2 primes)
.....+++++
....+++++
e is 65537 (0x010001)
certificates created: /tmp/ome1/certs/server.key /tmp/ome1/certs/server.pem /tmp/ome1/certs/server.p12
(py36) /opt/ome9/dist $omero certificates
OpenSSL 1.1.1d  10 Sep 2019
certificates created: /tmp/ome1/certs/server.pem /tmp/ome1/certs/server.p12

C :+1:

(py36) /opt/ome9/dist $omero certificates --help
usage: /opt/anaconda/envs/py36/bin/omero certificates [-h] [--verbose]

OMERO server certificate management

Creates self-signed certificates and adds IceSSL configuration properties to
the OMERO.server configuration to enable use of the certificates.

The OMERODIR environment variable must be set to the location of OMERO.server.

OMERO configuration properties
------------------------------

  omero.glacier2.IceSSL.DefaultDir: The directory for storing certificates,
    defaults to {omero.data.dir}/certs

The remaining properties should only be modified by advanced users. If you do
not know what these are leave them unchanged.

  omero.certificates.commonname: The certificate subject CommonName
  omero.certificates.owner: The certificate subject excluding CommonName
  omero.certificates.key: Name of the key file
  omero.glacier2.IceSSL.CertFile: PKCS12 file name
  omero.glacier2.IceSSL.CAs: Certificate file name
  omero.glacier2.IceSSL.Password: PKCS12 password
  omero.glacier2.IceSSL.Ciphers: IceSSL ciphers
  omero.glacier2.IceSSL.ProtocolVersionMax: Maximum SSL/TLS protocol
  omero.glacier2.IceSSL.Protocols: SSL/TLS protocols

Optional Arguments:
  In addition to any higher level options

  -h, --help          show this help message and exit
  --verbose, -v       Increase verbosity (can be used multiple times)

(D) From my side, happy to see this get tagged and then we can iterate on the above. 0.1.0 or 1.0.0?

manics commented 4 years ago

A. Currently no way to disable. I assume that's the intent?

Yes, I thought I'd simplify it, we can always add it back later

B. Re-running still overwrites, which is ok?

Yes, no clients verify the certificate so this is an easy way to avoid dealing with expiration dates

D

As with other new repos how about start with 0.1.0 and move to 1.0.0 after it's had some use?

joshmoore commented 4 years ago

Ok. Merging and releasing as 0.1.0 but that leaves for follow-ups: