Merged
70 changes: 35 additions & 35 deletions README.md
Expand Up @@ -94,32 +94,32 @@ openssl req -new -x509 -key server.key -out server.crt -days 365 -subj "/CN=loca
### 2. Start Enclaved Express

```bash
APP_MODE=enclaved \
KMS_URL=https://your-kms-service \
TLS_KEY_PATH=./server.key \
TLS_CERT_PATH=./server.crt \
MTLS_REQUEST_CERT=true \
ALLOW_SELF_SIGNED=true \
npm run start
export APP_MODE=enclaved
export KMS_URL=https://your-kms-service
export TLS_KEY_PATH=./server.key
export TLS_CERT_PATH=./server.crt
export MTLS_REQUEST_CERT=true
export ALLOW_SELF_SIGNED=true
npm start
```

### 3. Start Master Express
### 4. Start Master Express

In a separate terminal:

```bash
APP_MODE=master-express \
BITGO_ENV=test \
TLS_KEY_PATH=./server.key \
TLS_CERT_PATH=./server.crt \
ENCLAVED_EXPRESS_URL=https://localhost:3080 \
ENCLAVED_EXPRESS_CERT=./server.crt \
MTLS_REQUEST_CERT=false \
ALLOW_SELF_SIGNED=true \
npm run start
export APP_MODE=master-express
export BITGO_ENV=test
export TLS_KEY_PATH=./server.key
export TLS_CERT_PATH=./server.crt
export ENCLAVED_EXPRESS_URL=https://localhost:3080
export ENCLAVED_EXPRESS_CERT=./server.crt
export MTLS_REQUEST_CERT=false
export ALLOW_SELF_SIGNED=true
npm start
```

### 4. Test the Connection
### 5. Test the Connection

Test that Master Express can communicate with Enclaved Express:

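Review bot: The renumbered headings skip a step: "### 2. Start Enclaved Express" is unchanged, while the next two headings become "### 4. Start Master Express" and "### 5. Test the Connection", so the quick start now reads 2, 4, 5 with no step 3. Either keep the original 3 and 4 or add the missing step in this change. Separately, moving from per-command assignments to export means ALLOW_SELF_SIGNED=true and the other values stay set in the shell after npm start exits. The "In a separate terminal" line keeps the two services apart, but a sentence telling readers to use a fresh shell or a subshell would stop the development settings from carrying into a later run.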
Expand All @@ -143,28 +143,28 @@ curl -k -X POST https://localhost:3081/ping/enclavedExpress
#### Enclaved Express (Production)

```bash
APP_MODE=enclaved \
KMS_URL=https://production-kms.example.com \
TLS_KEY_PATH=/secure/path/enclaved.key \
TLS_CERT_PATH=/secure/path/enclaved.crt \
MTLS_REQUEST_CERT=true \
ALLOW_SELF_SIGNED=false \
MTLS_ALLOWED_CLIENT_FINGERPRINTS=ABC123...,DEF456... \
npm run start
export APP_MODE=enclaved
export KMS_URL=https://production-kms.example.com
export TLS_KEY_PATH=/secure/path/enclaved.key
export TLS_CERT_PATH=/secure/path/enclaved.crt
export MTLS_REQUEST_CERT=true
export ALLOW_SELF_SIGNED=false
export MTLS_ALLOWED_CLIENT_FINGERPRINTS=ABC123...,DEF456...
npm start
```

#### Master Express (Production)

```bash
APP_MODE=master-express \
BITGO_ENV=prod \
TLS_KEY_PATH=/secure/path/master.key \
TLS_CERT_PATH=/secure/path/master.crt \
ENCLAVED_EXPRESS_URL=https://enclaved.internal.example.com:3080 \
ENCLAVED_EXPRESS_CERT=/secure/path/enclaved.crt \
MTLS_REQUEST_CERT=true \
ALLOW_SELF_SIGNED=false \
npm run start
export APP_MODE=master-express
export BITGO_ENV=prod
export TLS_KEY_PATH=/secure/path/master.key
export TLS_CERT_PATH=/secure/path/master.crt
export ENCLAVED_EXPRESS_URL=https://enclaved.internal.example.com:3080
export ENCLAVED_EXPRESS_CERT=/secure/path/enclaved.crt
export MTLS_REQUEST_CERT=true
export ALLOW_SELF_SIGNED=false
npm start
```

## Container Deployment with Podman
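Review bot: In both production blocks, export leaves every value set in the operator's shell and hands it to every later child process, which the previous per-command form did not do. The Master Express block does not set KMS_URL or MTLS_ALLOWED_CLIENT_FINGERPRINTS, so if both blocks are run from one shell, the values exported by the Enclaved Express block are inherited by the Master Express process as well. Suggest keeping the inline form for the production examples, or wrapping each block in a subshell, so that each process sees only its own settings.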