Full Service API
  • Welcome!
  • Overview
  • API Endpoints
    • v2
      • Account
        • Account
          • Create Account
          • Import Account
          • Import Account Legacy
          • Get Accounts
          • Get Account Status
          • Get Balance
          • Update Account Name
          • Set Require Spend Subaddress
          • Remove Account
        • Account Secrets
          • Export Account Secrets
        • Address
          • Assign Address For Account
          • Get Address For Account
          • Get Addresses
          • Get Address Status
          • Verify Address
        • View Only Account
          • Import View Only Account
          • Create View Only Account Import Request
          • Create View Only Account Sync Request
          • Sync View Only Account
      • Transaction
        • Transaction
          • Build Transaction
          • Submit Transaction
          • Build And Submit Transaction
          • Build Burn Transaction
          • Build Unsigned Transaction
          • Build Unsigned Burn Transaction
        • Transaction Output TXO
          • Memo
            • Validate Sender Memo
          • Get TXO
          • Get TXOs
          • Get MobileCoin Protocol TXO
          • Get TXO Membership Proofs
          • Sample Mixins
          • Get TXO Block Index
        • Confirmation
          • Get Confirmations
          • Validate Confirmations
        • Receiver Receipt
          • Check Receiver Receipt Status
          • Create Receiver Receipts
        • Transaction Log
          • Get Transaction Log
          • Get Transaction Logs
          • Get MobileCoin Protocol Transaction
        • Payment Request
          • Create Payment Request
          • Check B58 Type
      • Block
        • Get Block
        • Get Blocks
        • Get Recent Blocks
        • Search Ledger
      • Network Status
        • Get Network Status
      • Wallet Status
        • Get Wallet Status
      • Version
        • Get Version
    • v1 (deprecated)
      • Account
        • Account
          • Create Account
          • Import Account
          • Import Account Legacy
          • Get Account
          • Get All Accounts
          • Get Account Status
          • Update Account Name
          • Remove Account
        • Account Secrets
          • Export Account Secrets
        • Address
          • Assign Address For Account
          • Get Addresses For Account
          • Verify Address
        • Balance
          • Get Balance For Account
          • Get Balance For Address
      • Transaction
        • Transaction
          • Build Transaction
          • Submit Transaction
          • Build And Submit Transaction
          • Build Split Txo Transaction
        • Transaction Output TXO
          • Get TXO
          • Get MobileCoin Protocol TXO
          • Get TXOs For Account
          • Get TXOs For View Only Account
          • Get All TXOs For Address
        • Confirmation
          • Get Confirmations
          • Validate Confirmations
        • Receiver Receipt
          • Check Receiver Receipt Status
          • Create Receiver Receipts
        • Transaction Log
          • Get Transaction Object
          • Get Transaction Log
          • Get Transaction Logs For Account
          • Get All Transaction Logs For Block
          • Get All Transaction Logs Ordered By Block
          • Get MobileCoin Protocol Transaction
        • Payment Request
          • Create Payment Request
          • Check B58 Type
      • Gift Code
        • Build Gift Code
        • Submit Gift Code
        • Get Gift Code
        • Get All Gift Codes
        • Check Gift Code Status
        • Claim Gift Code
        • Remove Gift Code
      • Block
        • Get Block
      • Network Status
        • Get Network Status
      • Wallet Status
        • Get Wallet Status
      • Version
        • Get Version
    • Signer Service
      • Create Account
      • Get Account
      • Sign Transaction
      • Sync Txos
  • Usage
    • Getting Started
      • Running Full Service
      • Create an Account
      • Receiving MobileCoin
      • Sending MobileCoin
      • Next Steps
    • Full Service Network Diagram
    • Supported Token Metadata
    • Database Usage
    • API Key
    • View Only Account
      • Signer
      • Signer Service
    • No Wallet Mode
    • Validator Service
      • Running
      • Running With TLS
    • Mirror Service
      • Running
      • Running With TLS
      • Running With Encryption
    • Logging
      • Text Logs (syslog style)
      • Crash Reports
    • T3
    • Sender Memos
  • FAQ
    • Resolving Disputes
    • How do I check if Full-Service is operational?
    • Where are logs stored?
    • How do I speed up account import?
    • What is the precision of MOB?
  • Glossary
    • Account
    • Block
    • Blockchain
    • Consensus Protocol
    • Fog
    • Full Service
    • Key Image
    • Ledger
    • MOB
    • Public Address
    • Secure Enclave
    • Subaddress
    • Transaction
    • Transaction Proposal
    • Validator Node
    • Validator Service
Powered by GitBook
On this page

Was this helpful?

  1. Usage
  2. Validator Service

Running With TLS

The GRPC connection between full-service and validator-service can optionally be TLS-encrypted. If you wish to use TLS for that, you'll need a certificate file and the matching private key for it. For testing purposes you can generate your own self-signed certificate:

$ openssl req -x509 -sha256 -nodes -newkey rsa:2048 -days 365 -keyout server.key -out server.crt

Generating a 2048 bit RSA private key
....................+++
.............+++
writing new private key to 'server.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) []:US
State or Province Name (full name) []:California
Locality Name (eg, city) []:San Francisco
Organization Name (eg, company) []:My Test Company
Organizational Unit Name (eg, section) []:Test Unit
Common Name (eg, fully qualified host name) []:localhost
Email Address []:test@test.com

Note that the Common Name needs to match the hostname which you would be using to connect to the public side (that has the GRPC listening port).

  • Now, you can run the VS with TLS enabled:

    mkdir -p ./validator-ledger-db
./validator-service \
    --ledger-db ./validator-ledger-db/ \
    --peer mc://node1.test.mobilecoin.com/ \
    --peer mc://node2.test.mobilecoin.com/ \
    --tx-source-url https://s3-us-west-1.amazonaws.com/mobilecoin.chain/node1.test.mobilecoin.com/ \
    --tx-source-url https://s3-us-west-1.amazonaws.com/mobilecoin.chain/node2.test.mobilecoin.com/ \
    --listen-uri "validator://localhost:5554/?tls-chain=server.crt&tls-key=server.key"

    Notice that the --listen-uri argument has changed and points to the key and certificate you generated.

  • Once the VS is running, you will need to run full-service:

    mkdir -p wallet-db/
./full-service \
   --wallet-db ./wallet-db/wallet.db \
   --ledger-db ./ledger-db/ \
   --validator "validator://localhost:5554/?ca-bundle=server.crt&tls-hostname=localhost" \
   --fog-ingest-enclave-css $(pwd)/ingest-enclave.css \
   --listen-port 9090

    The --validator argument has changed to point at the certificate file, and also specify the Common Name that is in the certficiate. Note that if the CN matches the hostname (as in the above example) then this is redundant.

PreviousRunningNextMirror Service

Last updated 2 years ago

Was this helpful?