{"id":28405586,"url":"https://github.com/simplito/privmx-pki-server","last_synced_at":"2025-09-13T10:31:20.080Z","repository":{"id":294403361,"uuid":"947180567","full_name":"simplito/privmx-pki-server","owner":"simplito","description":"Sample PKI (Public Key Infrastructure) server for PrivMX.","archived":false,"fork":false,"pushed_at":"2025-07-07T13:05:54.000Z","size":851,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-07-07T14:30:06.201Z","etag":null,"topics":["communication","cryptography","end-to-end-encryption","pki","privmx"],"latest_commit_sha":null,"homepage":"https://privmx.dev","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/simplito.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-03-12T09:28:51.000Z","updated_at":"2025-07-07T13:05:58.000Z","dependencies_parsed_at":"2025-06-29T06:41:30.428Z","dependency_job_id":null,"html_url":"https://github.com/simplito/privmx-pki-server","commit_stats":null,"previous_names":["simplito/privmx-pki-server"],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/simplito/privmx-pki-server","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simplito%2Fprivmx-pki-server","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simplito%2Fprivmx-pki-server/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simplito%2Fprivmx-pki-server/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simplito%2Fprivmx-pki-server/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/simplito","download_url":"https://codeload.github.com/simplito/privmx-pki-server/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simplito%2Fprivmx-pki-server/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":274949545,"owners_count":25379446,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-13T02:00:10.085Z","response_time":70,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["communication","cryptography","end-to-end-encryption","pki","privmx"],"created_at":"2025-06-01T21:37:17.862Z","updated_at":"2025-09-13T10:31:20.055Z","avatar_url":"https://github.com/simplito.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# PrivMX PKI Server\n\nThis repository provides a sample PKI (Public Key Infrastructure) server for PrivMX. It secures and authorizes communication between PrivMX Bridge Servers and their users by verifying their public keys.\n\n# Getting Started\n\n## Setting Up (Using Docker)\n\u003cdiv class=\"center-column\"\u003e\u003c/div\u003e\n\nFrom the bash-like terminal, run:\n```\n./setup.sh\n```\n\nAs a result, you will receive basic information about the launched PKI Server:\n\n\u003cdiv class=\"center-column\"\u003e\u003c/div\u003e\n\n```\nPrivMX PKI URL:  http://localhost:8101\n\nAPI Key ID:  682741b5d999a98408236a64\nAPI Key Secret:  914cdf259a818c5b716bc09af3295da1\n```\n\n## Setting Up (From Sources)\n### Prerequisites\n\n#### Mongo\n\nPrivMX PKI Server requires a connection to MongoDB with a replica set enabled. If you don't have one, you can set it up using the script below (Docker-based):\n\n```\n./scripts/mongo.sh\n```\n\n#### Node.js\n\nThe project is written in TypeScript, so it requires a Node.js environment to run (version 22).\n\n### Run\n\nInstall dependencies, compile the code, and run it:\n\n```\nnpm install\nnpm run compile\nnpm start\n```\n\n### Create an API Key\n\nTo use the administrative API, you need an API key. You can create one by running (in a bash-like terminal):\n\n```bash\n./create_api_key\n```\n\n# Basic Usage\n\n## Admin PKI API\n\nLog in using the `auth/token` API method and the `API_KEY_ID` and `API_KEY_SECRET`, which you received - depending on how the server was launched - from the `setup` script, or from `create_api_key` script.\n\n```bash\ncurl -X POST -H \"Content-Type: application/json\" --data-binary '{\n    \"jsonrpc\":\"2.0\",\n    \"id\":0,\n    \"method\":\n    \"auth/token\",\n    \"params\":{\n        \"scope\":[\"user:read_write\"],\n        \"grantType\":\"client_credentials\",\n        \"clientId\":\"\u003cAPI_KEY_ID\u003e\",\n        \"clientSecret\":\"\u003cAPI_KEY_SECRET\u003e\"\n    }\n}' http://localhost:8101/main\n```\n\nAs a result, one of the fields you will receive will be the `access_token` field.\n\nYou can now use it for methods requiring authentication by providing it in the header as follows: `\"Authorization: Bearer \u003caccess_token\u003e\"`.\n\n### Registering PrivMX Bridge Server \n\nTo register a PrivMX Bridge server you will use the `pkiadmin/setHost` method of the Admin PKI API and the generated access token:\n\n```bash\ncurl -X POST -H \"Content-Type: application/json\" -H \"Authorization: Bearer \u003caccess-token\u003e\" --data-binary '{\n    \"jsonrpc\":\"2.0\",\n    \"id\":0,\n    \"method\":\"pkiadmin/setHost\",\n    \"params\":{\n        \"hostPubKey\":\"\u003cBRIDGE_SERVER_PUBLIC_KEY\u003e\",\n        \"hostUrl\":\"\u003cBRIDGE_SERVER_HOST_URL\u003e\"\n    }\n}' http://localhost:8101/main\n```\nAs a result, you will receive a JSON object with an `instanceId` identifying the added PrivMX Bridge server.\n\n### Verification of Registration\nIn order to verify the correctness of the previous step, you can use `pkiadmin/listHosts` API method get the list of registered Bridge servers:\n\n```bash\ncurl -X POST -H \"Content-Type: application/json\" -H \"Authorization: Bearer \u003caccess-token\u003e\" --data-binary '{\n    \"jsonrpc\":\"2.0\",\n    \"id\":0,\"method\":\"pkiadmin/listHosts\",\n    \"params\":{}\n}' http://localhost:8101/main\n```\nThe PKI server should return a list of registered PrivMX Bridge records in the form of a `JSON` object as a result.\n\n### Adding User Identification Information\n\nTo enable verification of users' public keys, their records (UserIdentity) must be added to the PKI server using `pkiadmin/setKey` API method:\n\n```bash\nurl -X POST -H \"Content-Type: application/json\" -H \"Authorization: Bearer \u003caccess-token\u003e\" --data-binary '{\n    \"jsonrpc\":\"2.0\",\n    \"id\":0,\n    \"method\":\"pkiadmin/setKey\",\n    \"params\":{\n        \"userId\":\"user1\",\n        \"userPubKey\":\"\u003cUSER_PUBLIC_KEY\u003e\",\n        \"instanceId\":\"\u003cINSTANCE_ID_OF_REGISTERED_BRIDGE_SERVER\u003e\",\n        \"contextId\":\"\u003cCONTEXT_ID_OF_USER_ON_BRIDGE_SERVERR\u003e\"\n    }\n}' http://localhost:8101/main\n```\nFrom now on, the `UserIdentity` of a user presenting a given public key will be associated with a specific instance of PrivMX Bridge (and with a context within that server).\n\nFurther steps on how to verify the data at the client application level using the PrivMX Endpoint library are described in the [PrivMX Docs](https://docs.privmx.dev).\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsimplito%2Fprivmx-pki-server","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsimplito%2Fprivmx-pki-server","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsimplito%2Fprivmx-pki-server/lists"}