Create Approver (Legacy)
- OpenSSL
- HSM
- Primus Key Authenticator
openssl req -new -x509 -nodes -sha256 -newkey ec -days 3650 -subj '/CN=FinanceOfficer1' -keyout finance-officer-1.key -out finance-officer-1.crt
The OpenSSL command above generated two files:
- finance-officer-1.key
- finance-officer-1.crt
Use this command to extract the public key and then add it to SKA-Key's policy:
openssl x509 -pubkey -noout -in timestamp-signer.crt
Create an approval key within the HSM.
POST: /v1/key
{
"label": "finance-officer-1",
"password": null,
"algorithm": "EC",
"curveOid": "1.2.840.10045.3.1.7",
"attributes": {
"decrypt": false,
"sign": true,
"unwrap": false,
"extractable": false,
"modifiable": true,
"destroyable": true,
"copyable": false
},
"policy": null
}
Response: Extract the public-key
from the create key response and then add it to SKA-Key's policy:
"json": {
"label": "finance-officer-1",
...
"publicKey": "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEBSBisLXR8Lsdpsc9JFeFYzMegPqufyNjk6ncWOFbb9bPMuM3I6SSDzwFNX+XvVO1EkfavxaXQcH43sEuKeYGKw==",
"addressTruncated": null,
"attributes": {
...
}
You can use the Primus Key Authenticator.
Click on the top-left SHARE PUBLIC-KEY
to copy the public-key to clipboard and then add it to SKA-Key's policy.