5:43 p.m.
Hi,
I've followed the recipe (
https://github.com/OpenAttestation/OpenAttestation/wiki/OAT-for-RHEL-Recipe)
but didn't get it to run yet;
I think a step is missing -- the AIK is not available is
/usr/share/oat-client (it was not available in
/var/lig/oat-appraiser/ClientFiles either);
when I try to run provisioner.sh, I get the following:
provisioner.sh: line 7: systemctl: command not found
### ecStorage = NVRAM###
Performing TPM provisioning...710
DONE
Successfully initialized TPM
Performing HIS identity provisioning...FAILED
java.util.NoSuchElementException
at java.util.StringTokenizer.nextToken(StringTokenizer.java:349)
at
gov.niarl.his.privacyca.TpmModule.executeVer2Command(TpmModule.java:215)
at
gov.niarl.his.privacyca.TpmModule.collateIdentityRequest(TpmModule.java:292)
at
gov.niarl.his.privacyca.HisIdentityProvisioner.main(HisIdentityProvisioner.java:225)
Failed to receive AIC from Privacy CA, error 1
Registering identity with server...FAILED
java.io.FileNotFoundException: /usr/share/oat-client/aik.cer (No such file
or directory)
at java.io.FileInputStream.open(Native Method)
at java.io.FileInputStream.<init>(FileInputStream.java:137)
at java.io.FileInputStream.<init>(FileInputStream.java:96)
at gov.niarl.his.privacyca.TpmUtils.certFromFile(TpmUtils.java:612)
at
gov.niarl.his.privacyca.HisRegisterIdentity.main(HisRegisterIdentity.java:99)
Failed to register identity with appraiser, error 1
Thanks,
/Nicolae
On 27 October 2013 22:55, Nicolae Paladi <n.paladi(a)gmail.com> wrote:
Awesome, thanks!
I'll try this out in the morning
/Nicolae
On 27 October 2013 17:03, Wei, Gang <gang.wei(a)intel.com> wrote:
> Please refer to
>
> https://github.com/OpenAttestation/OpenAttestation/wiki/OAT-for-RHEL-Recipe
> .
>
> Jimmy
>
>
> > -----Original Message-----
> > From: Doron Fediuck [mailto:dfediuck@redhat.com]
> > Sent: Sunday, October 27, 2013 11:53 PM
> > To: Nicolae Paladi
> > Cc: users(a)ovirt.org; Wei, Gang
> > Subject: Re: [Users] Trusted Pools and CentOS 6 packages
> >
> >
> >
> > ----- Original Message -----
> > > From: "Nicolae Paladi" <n.paladi(a)gmail.com>
> > > To: users(a)ovirt.org
> > > Sent: Friday, October 25, 2013 7:16:30 PM
> > > Subject: Re: [Users] Trusted Pools and CentOS 6 packages
> > >
> > > Doron Fediuck <dfediuck@...> writes:
> > >
> > > >
> > > > ----- Original Message -----
> > > > > From: "Gianluca Cecchi" <gianluca.cecchi@...>
> > > > > To: "Doron Fediuck" <dfediuck@...>
> > > > > Cc: "Wei D Chen" <wei.d.chen@...>,
"users"
> > > > <users@...>, "Mei Yu"
> > > > <mei.yu@...>, "Ofri Masad"
> > > > > <omasad@...>, "Gang Wei" <gang.wei@...>
> > > > > Sent: Tuesday, June 11, 2013 2:29:54 AM
> > > > > Subject: Re: [Users] Trusted Pools and CentOS 6 packages
> > > > >
> > > > > On Mon, Jun 10, 2013 at 6:36 PM, Doron Fediuck wrote:
> > > > >
> > > > > >
> > > > > > That's nice of Jimmy to assist.
> > > > > > Are you trying out the oVirt TCP feature or will you be
using
> OAT
> > > > > > for something else?
> > > > >
> > > > > Actually the need was for OpenStack environment, but I'm
going to
> test
> > > > > oVirt node too.
> > > > >
> > > > > Gianluca
> > > > >
> > > >
> > > > Thanks for the info.
> > > > Note that openstack and ovirt are using the same OAT infra,
> > > > but implementing the logic in a different way.
> > > > Let me know f you have a specific use case so I'll be able to
> > > > provide additional details.
> > > >
> > >
> > >
> > > Hi,
> > >
> > > I have an environment where the oat-server is on a Ubuntu, while
> > > the compute hosts are CentOS servers.
> > >
> > > I have installed the packages for the oat-server from the Ubuntu
> > > repositories, and there is indeed a "ClientFiles" directory, but
> > > but it lacks installation files (just the following:
> > > endorsement.p12 install.bat lib OAT.properties
> > OATprovisioner.properties
> > > PrivacyCA.cer TrustStore.jks)
> > >
> > >
> > > The questions are:
> > > * are there packages for centos 6.4 available?
> > > * how can the client files be generated by the oat-server?
> > >
> > > cheers,
> > > /Nicolae
> > >
> >
> > Hi Nicolae,
> > Adding Jimmy for RPM updates.
> > Jimmy, are you packaging the OAT for el6 and where can it be found?
> >
> > Also, some of the issues are available here:
> > http://www.ovirt.org/Trusted_compute_pools_deployment
> >
> > Doron
>