Versions Compared

Version Old Version 5 New Version Current
Changes made by

Wilter Torres Enriquez

Saray Cordón Arnau

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

See service settings configuration section.

Update One-

...

The Virtual Machine is supplied in an OVA file. One-Shot Optimizer image is compatible with common virtual environments such as VMWare, AWS, Azure or VirtualBox.

STEP 1: Import One-Shot Optimizer (VM) in the virtual environment.

Adjust the system requirements for optimal usage considering host terminal resources described in hardware requirements.

STEP 2: Network configuration.

The network settings are configured in the file ifcfg-ens33, which can be found in the path /etc/sysconfig/network-scripts. Edit the file and insert the correct IP address, network mask, gateway and DNS for your network.

Then restart network services with command service network restart.

Example:

...

STEP 3: Service settings.

...

shot

Run the following commands:

Code Block
cd /opt/oneshot_optimizer
docker-compose down

List all Docker images to find the image ID or name.and then remove the image.

Code Block
docker images

REPOSITORY              TAG                       IMAGE ID       CREATED         SIZE
nginx                   latest                    66f8bdd3810c   7 weeks ago     192MB
oneshot_optimizer       0.2.8                     ec613a792ac5   13 months ago   156MB
oneshot_imgconverter    0.1.18                    b694fdda9066   4 years ago     143MB

Then remove the image.

Code Block
docker rmi nginx:latest
docker rmi oneshot_optimizer:0.2.8
docker rmi oneshot_imgconverter:0.1.18

Load the new Signbox Docker image.

Code Block
docker image load -i oneshot_optimizer.tar
docker image load -i oneshot_imgconverter.tar
docker-compose up -d

Rootstore configuration

As a requirement for LTV/LTVLITE signature level, we must add to the optimizer every chain of trust for each certificate that is involved in the signature.

...

Code Block
1 |[general]
2 |environment = sandbox
3 |usepdfclean = false
4 |configuration = default
5 |rootstore = manual
6 |
7 |[tsa]
8 |tsa_url = https://tsa.uanataca.com/tsa/tss03
9 |
10|[billing]
11|billing_username = user@uanataca.com
12|billing_password = ejVxTnFrZkaI=
13|
14|[request]
15|default_profile = PFnubeQAFCiudadano
16|default_ra = 1000
17|
18|[proxy]
19|useproxy = false
20|proxy_host = 192.168.1.34
21|proxy_port = 8888
22|proxy_protocol = http
23|proxy_username = user 24|proxy_password = password
25|useproxycredentials = true

STEP 3: Execute the script

It is needed the execution of the script INSIDE the container, this can be done through

Code Block
docker exec -it <container_id> ./dockergeneraterootstore.sh

STEP 4: Restart the service

After all the desired certificates have been loaded into the optimizer and the script got executed, we must fully restart the services with

Code Block
docker compose down

Followed by

Code Block
docker compose up -d

OVA

STEP 1: Load certificates in the optimizer

Load the PEM files in the following path:

Code Block
/opt/bit4id/oneshot_optimizer/rootstore/cert

...

 http
23|proxy_username = user
24|proxy_password = password
25|useproxycredentials = true

STEP 3: Execute the script

It is needed the execution of the script that must be located at /opt/bit4id/oneshot_optimizer INSIDE the container, this can be done through

Code Block
docker exec -it <container_id> ./generaterootstoredockergeneraterootstore.sh

STEP 34: Restart the service

After all the desired certificates have been loaded into the optimizer and the script got executed, we must fully restart the services with

Code Block
systemctldocker stop optimizer imgconverter nginxcompose down

Followed by

Code Block
systemctldocker startcompose optimizer imgconverter nginxup -d

Service settings

Requirements:

...