Skip to content

Commit bd9d6c0

Browse files
pranavjain97pranavjain97
committed
fix(mbe, awm): add missing client cert to README
Ticket: WP-5574
1 parent 2ef7edb commit bd9d6c0

File tree

1 file changed

+16
-8
lines changed

1 file changed

+16
-8
lines changed

README.md

Lines changed: 16 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -51,8 +51,8 @@ npm run build
5151

5252
```bash
5353
# Generate private key and certificate for testing
54-
openssl genrsa -out server.key 2048
55-
openssl req -new -x509 -key server.key -out server.crt -days 365 -subj "/CN=localhost"
54+
openssl genrsa -out demo.key 2048
55+
openssl req -new -x509 -key demo.key -out demo.crt -days 365 -subj "/CN=localhost"
5656
```
5757

5858
### Development Setup
@@ -86,28 +86,36 @@ npm run container:build --build-arg PORT=3080
8686
```bash
8787
export APP_MODE=advanced-wallet-manager
8888
export KMS_URL=https://your-kms-service
89-
export SERVER_TLS_KEY_PATH=./server.key
90-
export SERVER_TLS_CERT_PATH=./server.crt
91-
export KMS_SERVER_CA_CERT_PATH=./server.crt
89+
export SERVER_TLS_KEY_PATH=./demo.key
90+
export SERVER_TLS_CERT_PATH=./demo.crt
91+
export KMS_CLIENT_TLS_KEY_PATH=./demo.key
92+
export KMS_CLIENT_TLS_CERT_PATH=./demo.crt
93+
export KMS_SERVER_CA_CERT_PATH=./demo.crt
9294
export KMS_SERVER_CERT_ALLOW_SELF_SIGNED=true
9395
export CLIENT_CERT_ALLOW_SELF_SIGNED=true
9496
npm start
9597
```
9698

99+
**Note:** KMS client certificates are required for outbound mTLS connections. For testing, we reuse the demo certificates, but in production, use separate certificates for security.
100+
97101
### 2. Start Master Express
98102

99103
```bash
100104
export APP_MODE=master-express
101105
export BITGO_ENV=test
102-
export SERVER_TLS_KEY_PATH=./server.key
103-
export SERVER_TLS_CERT_PATH=./server.crt
106+
export SERVER_TLS_KEY_PATH=./demo.key
107+
export SERVER_TLS_CERT_PATH=./demo.crt
104108
export ADVANCED_WALLET_MANAGER_URL=https://localhost:3080
105-
export AWM_SERVER_CA_CERT_PATH=./server.crt
109+
export AWM_CLIENT_TLS_KEY_PATH=./demo.key
110+
export AWM_CLIENT_TLS_CERT_PATH=./demo.crt
111+
export AWM_SERVER_CA_CERT_PATH=./demo.crt
106112
export AWM_SERVER_CERT_ALLOW_SELF_SIGNED=true
107113
export CLIENT_CERT_ALLOW_SELF_SIGNED=true
108114
npm start
109115
```
110116

117+
**Note:** AWM client certificates are required for outbound mTLS connections to Advanced Wallet Manager. For testing, we reuse the demo certificates, but in production, use separate certificates for security.
118+
111119
### 3. Test the Connection
112120

113121
```bash

0 commit comments

Comments
 (0)