iSHARE is a collaborative effort to improve conditions for data-sharing for organisations involved in the logistics sector. The functional scope of the iSHARE Scheme focuses on topics of identification, authentication and authorization.
The Service Provider:
- provides a service, such as data for consumption by a Service Consumer
The Service Provider is a role for which iSHARE adherence (iSHARE) is REQUIRED.
- Install .NET Core 2.1.4 Runtime (or SDK 2.1.402 for development).
git clone https://github.com/iSHAREScheme/ServiceProvider.git(or download zip)
- Create environment variable 'ENVIRONMENT' with the value 'Development'
- Navigate to iSHARE.ServiceProvider.Api.Warehouse13 and create a new file named 'appsettings.Development.json'
- Copy the content of 'appsettings.Development.json.template' into 'appsettings.Development.json' and complete all fields with the necessary information and save the changes
- Into appsettings.Development.json file:
- Change DigitalSigner -> PrivateKey value to the valid RSA private key value with the following format: "-----BEGIN RSA PRIVATE KEY-----\n...\n-----END RSA PRIVATE KEY-----". For this, you can use OpenSSL:
- Extract the private key from the certificate:
openssl pkcs12 -in "certificate.p12" -out "certificate.key.pem" -nodes -nocerts -password pass:your_password_here - Decrypt private key:
openssl rsa -in certificate.key.pem -out certificate.key.decr.pem - Extract the content from
certificate.key.decr.pemand replace the endline characters with "\n"
- Extract the private key from the certificate:
- Change DigitalSigner -> RawPublicKey value to the valid public key value with the following format: "-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----". For this you can use OpenSSL:
- Extract .pem:
openssl pkcs12 -in certificate.p12 -clcerts -nokeys -out certificate.pem -password pass:your_password_here - Extract the content from
certificate.pemand remove the endline characters
- Extract .pem:
- Save changes
- Change DigitalSigner -> PrivateKey value to the valid RSA private key value with the following format: "-----BEGIN RSA PRIVATE KEY-----\n...\n-----END RSA PRIVATE KEY-----". For this, you can use OpenSSL:
- Go to Resources\Development
- Open certificate_authorities.json
- Add the necessary certificate authorities in the following format: "-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----" (this value can be obtained from a .pem certificate by extracting the content and removing the line separators/endlines)
- Save
Navigate to the local Service Provider repository and run dotnet build
Service Provider is using a SQL database that is created at runtime. Various test records are inserted from JSON files present here
iSHARE.ServiceProvider.Api.Warehouse13\Seed\IdentityServer\Development
- Navigate to the local Service Provider repository, into iSHARE.ServiceProvider.Api.Warehouse13 folder and run
dotnet run - Open a browser tab and navigate to
localhost:8600/swagger
Certificate validation related service can be found here
The current implementation of the Service Provider validates the party only on the basis of the EORI number with the SO. The recommended validation should be done based on the EORI number and the certificate subject name pair.