I got it working! Ziti is awesome

[YouTube video](https://youtu.be/Vw-SRoueVTs?si=to8c6RhspVPzarQS)

But I still need to figure out how to fix the local development setup using Docker.

2 Likes

Awesome. Congrats! :slight_smile: I see you're using draw.io. If you want to use the OpenZiti icons, you can File -> Import From -> Url and use: https://raw.githubusercontent.com/openziti/diagrams/main/icons/icons.draw.io.xml

You'll have a few to choose from in there like routers, controller, etc.

I watched the full video, nicely done! I got to this point at the end:

Instead of this, since you are targeting devs, I think you should point people to the Enrollment sample: https://github.com/openziti/ziti-sdk-csharp/tree/main/OpenZiti.NET.Samples/src/Enrollment

You could maybe even incorporate it into your demo too. :slight_smile:

It demonstrates that the .jwt is a single-use token. If you try to enroll the .jwt twice (since it's a one-time-use token), the enrollment function will fail with an exception:


```csharp
public override async Task<object> RunAsync() {
    Log.Info("EnrollmentSample starts");
    var enrollDemoIdentityName = "enroll-demo";
    var s = new SampleSetup();
    // Create the sample identity; the returned object carries its one-time enrollment JWT
    var id = await s.BootstrapSampleIdentityAsync(enrollDemoIdentityName, null);
    // Write the one-time token (OTT) JWT to a randomly named file in the temp directory
    var jwt = Path.Combine(Path.GetTempPath(), Path.GetRandomFileName());
    File.WriteAllBytes(jwt, Encoding.UTF8.GetBytes(id.Enrollment.Ott.Jwt));

    // First enrollment with the token
    Console.WriteLine("Enrolling the first time. This is expected to succeed");
    Enroll(jwt, Directory.GetCurrentDirectory() + Path.DirectorySeparatorChar + "enroll.demo.json");

    // Now enroll the same exact token again and expect an error
    Console.WriteLine("Enrolling the _second_ time. This is __expected__ to fail to");
    Console.WriteLine("    illustrate that enrollment may fail");
    Console.WriteLine();
    try {
        Enroll(jwt, Directory.GetCurrentDirectory() + Path.DirectorySeparatorChar + "enroll.demo.json");
    } catch (Exception ex) {
        Console.WriteLine( "    EXPECTED ERROR: JWT not accepted by controller");
        Console.WriteLine($"    ERROR RECEIVED: {ex.Message}");
        Console.WriteLine();
    }

    return null;
}
```
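
Why the second enrollment attempt is rejected, as an added example that is not part of the original post and is not OpenZiti controller code: a minimal in-memory model of single-use token redemption, including expiry and a concurrent-redemption race. `OneTimeTokenStore`, `Issue`, `Redeem` and `RedeemResult` are hypothetical names, and the model assumes the server removes a token atomically the first time it is presented.

```csharp
using System;
using System.Collections.Concurrent;
using System.Threading;
using System.Threading.Tasks;

// Illustrative model only, NOT OpenZiti controller code. All names are hypothetical.
public enum RedeemResult { Accepted, UnknownOrAlreadyUsed, Expired }

public sealed class OneTimeTokenStore {
    // Token id -> expiry. An entry exists only while the token is still unredeemed.
    private readonly ConcurrentDictionary<string, DateTimeOffset> _pending =
        new ConcurrentDictionary<string, DateTimeOffset>();

    public string Issue(TimeSpan lifetime, DateTimeOffset now) {
        var id = Guid.NewGuid().ToString("N");
        _pending[id] = now + lifetime;
        return id;
    }

    public RedeemResult Redeem(string id, DateTimeOffset now) {
        // TryRemove is atomic: when several callers present the same token at once,
        // exactly one removes the entry; the rest see it as already used.
        if (!_pending.TryRemove(id, out var expires)) return RedeemResult.UnknownOrAlreadyUsed;
        // An expired token is consumed as well, so it cannot be retried later.
        return now <= expires ? RedeemResult.Accepted : RedeemResult.Expired;
    }
}

public static class Program {
    public static void Main() {
        var store = new OneTimeTokenStore();
        var now = DateTimeOffset.UtcNow;            // constructed sample clock
        var lifetime = TimeSpan.FromMinutes(30);    // constructed sample lifetime

        var token = store.Issue(lifetime, now);
        Console.WriteLine($"first attempt : {store.Redeem(token, now)}");
        Console.WriteLine($"second attempt: {store.Redeem(token, now)}");

        var stale = store.Issue(lifetime, now);
        Console.WriteLine($"after expiry  : {store.Redeem(stale, now.AddHours(1))}");

        // Eight concurrent redemptions of one token: only one may be accepted.
        var raced = store.Issue(lifetime, now);
        int accepted = 0;
        Parallel.For(0, 8, _ => {
            if (store.Redeem(raced, now) == RedeemResult.Accepted) Interlocked.Increment(ref accepted);
        });
        Console.WriteLine($"accepted under race: {accepted}");
    }
}
```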

Awesome, thanks. I added the link to the video description. I can likely release a new software project that integrates with OpenZiti and TPM, and could likely integrate a security key with FIPS compliance, depending on the outcome of my test.

Sounds amazing. Let us know how we can help.

Oh, I just tested the NetFoundry hosted solution. I believe it's a fairly simple process; maybe add it to the documentation? @TheLumberjack

So you're saying that CloudZiti was simple, and easy to set up and get going, right? GREAT! We are always working on documentation and other ideas. Thanks for the input!

Yes, CloudZiti should be added to the documentation because the user does not need to bootstrap the controller. In addition, since there is a free plan, it will allow developers to reduce the cost while testing the fundamental concepts in a cloud environment.

Just think of it: the hosts file on Windows (local development testing) is missing the necessary config that is required for the Ziti controller / router to work.

I think the documentation should also add the workflow for SDK integration with minimum sample code, as can be seen below.

image

1 Like

I published another video that demonstrates OpenZiti's capability to secure the server. https://youtu.be/2auAx06r7IM

It's also a proof of concept with WinUI 3 and OpenZiti integration.

1 Like