Skip to content
/ cloud-pak-cli Public
forked from IBM/cloud-pak-cli

Cloudctl is a command line tool to manage Container Application Software for Enterprises (CASE)

License

View license
0 stars 16 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

rwellon/cloud-pak-cli

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
doc
doc
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
cloudctl-chain0.pub
cloudctl-chain0.pub
 
 
cloudctl-chain1.pub
cloudctl-chain1.pub
 
 
cloudctl.pub
cloudctl.pub
 
 

Repository files navigation

Overview

Cloudctl is a command line tool to manage Container Application Software for Enterprises (CASE)

Download

  1. Download the gzipped tar archive for your OS from the assets in releases
  2. Download the corresponding .sig file for verification purposes

Example using curl:

curl https://github.com/IBM/cloud-pak-cli/releases/download/v3.3.0-alpha.1/cloudctl-darwin-amd64.tar.gz -o cloudctl-darwin-amd64.tar.gz
curl https://github.com/IBM/cloud-pak-cli/releases/download/v3.3.0-alpha.1/cloudctl-darwin-amd64.tar.gz.sig -o cloudctl-darwin-amd64.tar.gz.sig

Example using wget:

wget https://github.com/IBM/cloud-pak-cli/releases/download/v3.3.0-alpha.1/cloudctl-darwin-amd64.tar.gz
wget https://github.com/IBM/cloud-pak-cli/releases/download/v3.3.0-alpha.1/cloudctl-darwin-amd64.tar.gz.sig

Check Certificate/Key Validity

Retrieve the latest public keys (example with wget):

wget https://raw.githubusercontent.com/IBM/cloud-pak-cli/master/cloudctl.pub
wget https://raw.githubusercontent.com/IBM/cloud-pak-cli/master/cloudctl-chain0.pub
wget https://raw.githubusercontent.com/IBM/cloud-pak-cli/master/cloudctl-chain1.pub

Verify that the certificate/key is owned by IBM:

openssl x509 -inform pub -in cloudctl.pub -noout -text

Verify authenticity of certificate/key:

cat cloudctl-chain0.pub > chain.pub
cat cloudctl-chain1.pub >> chain.pub

openssl ocsp -no_nonce -issuer chain.pub -cert cloudctl.pub -VAfile chain.pub -text -url http://ocsp.digicert.com -respout ocsptest

Should see a message that contains:

Response verify OK

Optionallay Validate Each Certificate Individually

Verify that the certificate is still active:

openssl ocsp -no_nonce -issuer cloudctl-chain0.pub -cert cloudctl.pub -VAfile cloudctl-chain0.pub -text -url http://ocsp.digicert.com -respout ocsptest

Should see a message that contains:

Response verify OK

Verify that the intermediate certificate is still active:

openssl ocsp -no_nonce -issuer cloudctl-chain1.pub -cert cloudctl-chain0.pub -VAfile cloudctl-chain1.pub -text -url http://ocsp.digicert.com -respout ocsptest

Should see a message that contains:

Response verify OK

Verify Archive

After completing verification of the certificate, extract public key:

openssl x509 -pubkey -noout -in cloudctl.pub > public.key

The public key is used to verify the tar archive:

openssl dgst -sha256 -verify public.key -signature <cloudctl_signature_file> <tar.gz_file>

e.g.

openssl dgst -sha256 -verify public.key -signature cloudctl-darwin-amd64.tar.gz.sig cloudctl-darwin-amd64.tar.gz

Should see a message that contains:

Verified OK

Install

Extract the archive:

  • tar -xzf <archive-name>

There should be a binary executable after extraction

About

Cloudctl is a command line tool to manage Container Application Software for Enterprises (CASE)

Resources

Readme

License

View license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

2 tags

Packages

No packages published