@@ -73,25 +73,53 @@ $ stack exec cardano-node -- --topology=wallet-new/topology-examples/testnet.yam
7373
7474From there, you can browse the API documentation for V0 and V1 through the following URLs:
7575
76- - http ://localhost:8090 /docs/v0/index/
77- - http ://localhost:8090 /docs/v1/index/
76+ - https ://localhost:8091 /docs/v0/index/
77+ - https ://localhost:8091 /docs/v1/index/
7878
79- ### HTTPS
8079
81- By default, wallet backend only accepts HTTPS connections :
80+ You may also run a simple cURL command to check whether the node is up-and-running :
8281
8382```
84- $ curl localhost:8090/docs/v1/index/
85- This server only accepts secure HTTPS connections.
83+ $ curl https://localhost:8090/api/v1/node-info \
84+ --cacert scripts/tls-files/ca.crt \
85+ --cert scripts/tls-files/client.pem
8686```
8787
88- We should provide our ` ca.crt ` :
88+ > * NOTE*
89+ >
90+ > Every node running a wallet API needs x509 certificates for enabling TLS support. By default,
91+ > those certificates are located in ` ./scripts/tls-files ` . Use them if you need a CA or a
92+ > client certificate.
93+
94+
95+ ## Local Cluster
96+
97+ Running a node against ` mainnet_staging ` may not be ideal for testing. The node will also need
98+ time to synchronize and won't run the full API capabilities until having done so. To cope with
99+ this, one may run a local cluster of nodes, acting upon a fresh database, speeding up most of
100+ the operations. To run a local cluster, _ nix_ is your friend:
101+
102+ ```
103+ $ nix-build -A demoCluster -o run-demo --arg useStackBinaries true && ./run-demo
104+ ```
105+
106+ This will run a local cluster after having set up a fresh environment for it in ` ./state-demo ` .
107+ There are some files of interest in this folder you may need like the tls certificates or the
108+ logging configurations.
109+
110+
111+ ### HTTPS
112+
113+ By default, wallet backend only accepts HTTPS connections:
89114
90115```
91- $ curl --cacert scripts/tls-files/ca.crt https://localhost:8090/docs/v1/index/
116+ $ curl localhost:8090/api/v1/node-info
117+ This server only accepts secure HTTPS connections.
92118```
93119
94- But if we launch a node with ` --wallet-debug ` option, we can send simple ` http ` -requests.
120+ Read the documentation about TLS authentication in [ docs/tls-authentication.md] ( ../docs/tls-authentication.md )
121+ for details about how to contact a wallet node with TLS.
122+
95123
96124### Swagger Specification
97125
@@ -126,9 +154,33 @@ $ stack test cardano-sl-wallet-new
126154Wallet integration tests can be run using this command (from the project * root* directory):
127155
128156```
129- $ nix-build release.nix -A walletIntegrationTests
157+ $ nix-build -A walletIntegrationTests --arg useStackBinaries true
130158```
131159
160+ > ** NOTE** :
161+ > ` nix-build -A walletIntegrationTests ` (with or without ` useStackBinaries ` ) runs a
162+ > local demo cluster, either via stack or nix by default on your local machine
163+ > that is fully usable by daedalus/curl etc... and requires port 8090 and
164+ > ports 3001-3004 and 3101 to be available. This cluster has four core nodes, 1
165+ > relay, and a single wallet and has full x509 CA cert enabled. It then
166+ > pre-loads some genesis poor keys for testing and runs the wal-integr-test
167+ > haskell program, which connects to the running cluster. When it completes, it
168+ > terminates the demo cluster and wallet. This will fail if ports aren't
169+ > available to bind (although cardano-node will happily run without crashing,
170+ > it just will be broken), you try running two of these at once, etc...
171+ >
172+ > This is differentiated from ` nix-build -A tests.walletIntegration ` which ** DOES
173+ > NOT** support ` useStackBinaries ` and builds/runs the entire cluster in a sandbox
174+ > isolated from the rest of the system (assuming nix sandboxing is enabled).
175+ > This is how hydra runs the tests and why hydra is capable or running more
176+ > than one cluster at the same time. This will use any binaries cached by hydra
177+ > if you have the IOHK binary cache enabled, or will build everything cleanly
178+ > in nix if the binaries aren't available in the local nix store. One other
179+ > thing to note is that tests.walletIntegration will only run once and will
180+ > cache the results (unless of a failure). If you have a need to rerun the
181+ > test, you can pass the ` --check ` flag to force the test to run again. ` --check `
182+ > is used to confirm that results from one test match the results again.
183+
132184## Developing
133185
134186We have a [ ` Makefile ` ] ( ./Makefile ) with some helpful commands for development.
@@ -152,7 +204,8 @@ Now use following command (from the `cardano-sl` *root* directory):
152204$ curl -X POST \
153205 -H "Content-Type: application/json" \
154206 -d '"PATH_TO_SECRET_KEY"' \
155- --cacert scripts/tls-files/ca.crt
207+ --cacert scripts/tls-files/ca.crt \
208+ --cert scripts/tls-files/client.pem \
156209 https://localhost:8090/api/wallets/keys
157210```
158211
@@ -217,6 +270,7 @@ using environment variables as follows:
217270LANG=en_GB.UTF-8 LC_ALL=en_GB.UTF-8 stack exec -- ...
218271```
219272
273+
220274##### API returns ` 415 Unsupported Media Type `
221275
222276The wallet's API can be quite picky about media-types and expect both a given type and an
@@ -232,3 +286,10 @@ value:
232286```
233287application/json;charset=utf-8
234288```
289+
290+
291+ ##### API returns ` error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown `
292+
293+ You're missing a valid client certificate to contact the node. For development, you may run the
294+ node with ` --no-client-auth ` or provide a valid corresponding client x509 certificates. More
295+ information in [ docs/tls-authentication.md] ( ../docs/tls-authentication.md ) .
0 commit comments