Versions Compared

Version Old Version 8 New Version 9
Changes made by

Nivetha

Nivetha

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Pre-requisites

...

Info

Please update all the URLs as per your environment

Step 1: Register the “Device Partner” using the Partner Management Portal
https://pmp.dev.mosip.net/

...

If the “Register” option is not found. login to keycloak → realm settings → login → enable user registration and refresh pmp portal..

image-20241119-083923.png

...

Step 2: To Create Mock CA, Sub CA and Partner Certificates using the CA Certificate Utility

...

Info

The “Organization name” passed while registering the partner has to be used to create the client certificate.

Step 3: After the completion of the above steps, the certificates are created in the same folder. The required certificate sheets are highlighted below.

...

Step 4: Steps to upload the above certificates in MOSIP.

...

Info

Once uploaded, you can click on “View Certificate” button and see a certificate. The certificate which is displayed on screen is a signed response where the trust chain has been changed to the MOSIP. This certificate is also known as MOSIP signed device provider certificate.

This certificate is uploaded to the MOSIP Key Manager DB “keymgr.partner_cert_store “ table and then “master.ca_cert_store” table via. websub. The “master.ca_cert_store” later is synced by the registration client to create the registration client trust store.

So, in the “master.ca_cert_store”, you would find at least three certificates i.e MOSIP root certificate, MOSIP PMS certificate and the signed partner certificate. The partner certificates in the trust store increase depending on the numbers of partner certificates being uploaded.

Step 5: To Add the MOSIP signed certificate to the CA Cert Utility folder

  1. Copy the text shown when you can click on “View Certificate”

  2. Open a new notepad++ file and place the data

  3. Find all blank spaces and replace with \n with search mode as “Regular Expression” to make it a “crt” file

  4. Name the file “mosip-signed.crt” and save it in the same directory as CA Cert Utility

...

Step 6: Generate Device.p12 file

  1. Run “create-device-keystore.sh” and enter values as below, and notice the signed-Device.crt has been created.

...

  1. Download the latest mock MDS .zip from the URL: https://github.com/mosip/mosip-mock-services/tree/master. Open git bash and run the following commands. Reference picture attached.

Code Block
cd d:/mockmds  -----(Desired directory)
git clone https://github.com/mosip/mosip-mock-services.git
cd mosip-mock-services
git checkout v1.2.0.2 ---(Checkout to the latest)

...

  1. Place the device certificates created in the certificate paths as highlighted below in the mock MDS:
    respectively for face, Finger – single and slap and Iris – Double and single.

    Image Modified

  2. Modify the “application.properties” file as below after placing the certificates are placed.

    Image Modified

  • Change the keystorefilename, keyalias and keystorepwd as given below for Finger – single and slap and Iris – Double and single.

...