Hi @markamind,
Thanks much. When I try out this cmd:
ziti edge controller create identity user "NewUser" -o NewUser.jwt
it gives me an error, saying: unknown shorthand flag: 'o' in -o
Let me know if I’m missing something. Thanks.
Have a look through these commands.. it may help with the structure.
Here is an example to create an identity called "server.id" that is linked to a service called "service.endpoint"
ziti edge create identity device server.id -a service.endpoint -o server.jwt
This took me ages to work out.. and then there was those terminators.
tip: terminators are only created when you start a host.. so for them to be created.. you need to run a service on the server that starts up the listener for a specific port.. or range of ports (using an intercept)
After a couple of trials, I got into unauthorised access, something like below
ziti edge create identity device "${server_identity}" -a "${service_name}"ServerEndpoints -o "${server_identity}".jwt
error: error creating identities instance in Ziti Edge Controller at https://sig56/edge/management/v1. Status code: 401 Unauthorized, Server returned: {
"error": {
"code": "UNAUTHORIZED",
"message": "The request could not be completed. The session is not authorized or the credentials are invalid",
"requestId": "lP-RAlbui"
},
"meta": {
"apiEnrollmentVersion": "0.0.1",
"apiVersion": "0.0.1"
}
curl eth0.me
223.233.21.219
Any clue plz?
ahh.. I believe you are very close.
try this before you run the command
zitiLogin
This creates a token on your controller so that you can run ziti commands like enroll etc
hmmm! thanks worked for me.
I modified that as ziti edge login
@afzal442 Can you please let me know where you found this command string?
ziti edge controller create identity user
I ask because I have seen this in some older documentation so I’d like to see if we can update or remove the docs.
Also, regarding your latest message, @markamind has you covered: you just need to zitiLogin if you see that UNAUTHORIZED error.
Yes @gberl002 , sure!
the associated link to that Creating an Identity | Ziti
We removed ‘controller’ a long time ago from commands like this, and it looks like we missed some spots where it was referenced.
Seems like this ‘breaks’ that command! I’ll get that fixed up. The ‘correct’ command is to just remove ‘controller’
ziti edge controller create identity user "NewUser" -o NewUser.jwt
As for the UNAUTHORIZED issue - as you discovered your session just timed out and you needed to login again
I’m on it @TheLumberjack
Having said that, I went through the examples associated with go-sdk, and I am struggling with running the application. I tried it like this for server.go:
go run simple-server.go "$HOME/srv.conf" eth2
and similarly for the client:
go run simple-client.go "$HOME/cli.conf" 80
Before that I enrolled the jwt as:
ziti edge enroll --jwt ${jwt_file} --out ${identity_config_file}
Any hint plz?
cc @TheLumberjack
I can give you a bunch of commands that will get this up and running. I’ll do that and get back to you in a few minutes…
Follow a quickstart, make sure you can login and issue ziti cli commands (I think you’re here already)
open two terminal windows
git clone git@github.com:openziti/sdk-golang.git
terminal 1: cd sdk-golang/exercises/http/server/zitified
terminal 1: ziti edge create identity user server.id -o server.id.jwt
terminal 1: ziti edge enroll server.id.jwt
terminal 2: cd sdk-golang/exercises/http/client/zitified
terminal 2: ziti edge create identity user client.id -o client.id.jwt
terminal 2: ziti edge enroll client.id.jwt
terminal 1: ziti edge create service simple-http-service
terminal 1: ziti edge create service-policy simple-http-service-bind Bind --service-roles '@simple-http-service' --identity-roles '@server.id'
terminal 1: ziti edge create service-policy simple-http-service-dial Dial --service-roles '@simple-http-service' --identity-roles '@client.id'
Here comes the payoff
terminal 2: go run simple-client.go client.id.json simple-http-service
Hello response: zitified hello from sg3
Add Result: zitified a+b=1+2=3
hey @TheLumberjack, thanks much for your kind help. So now when I try to restart my ziti controller, startZitiController: command not found causes the issue. Or maybe I missed something somewhere. Thanks
Any hint plz?
cc @markamind
There are two approaches to starting / stopping services
- via cmd file (my preference for testing)
- via system control.
If you want to do it via command.. you need to download a local copy of the ziti-cli-functions.sh file used to conduct the Quick Install
With this in a local directory.. the following should work
. ./ziti-cli-functions.sh && startZitiController
to start the edge router, you need to set the following variable first
ZITI_EDGE_ROUTER_RAWNAME=instance-20220416-1603-edge-router
. ./ziti-cli-functions.sh && startExpressEdgeRouter
In case you did setup the system command, it would be something like
sudo systemctl start ziti-controller
sudo systemctl stop ziti-controller
sudo systemctl start ziti-edge-router
sudo systemctl stop ziti-edge-router
sudo systemctl start ziti-console
sudo systemctl stop ziti-console
Hope that helps
Sorry @markamind, could you tell me where I can find a local copy of the ziti-cli-functions.sh file to download? Thanks.
FYI, I have this development setup with no docker.
the file is the quick start install script.
# now download, source, and execute the expressInstall function
source /dev/stdin <<< "$(wget -qO- https://raw.githubusercontent.com/openziti/ziti/release-next/quickstart/docker/image/ziti-cli-functions.sh)"; expressInstall
It gets cached during the install… then automatically cleaned up
@afzal442 there's a section of the doc that covers this here https://openziti.github.io/ziti/quickstarts/network/local-no-docker.html#sourcing-the-env-file
In the case you close your shell and you want to get the same environment variables back into your shell, you can just source the "env" file that is placed into the location you specified. For example, if you ran the example above where the deployed files went to
${HOME}/.ziti/quickstart/newfolder
you would find an "env" file at ${HOME}/.ziti/quickstart/newfolder/newfolder.env
and source it:
source ${HOME}/.ziti/quickstart/newfolder/newfolder.env
~ % zitiLogin
Token: aa1c7fb0-85d9-4a79-86b2-5df450c5b4de
Saving identity 'default' to ${HOME}/.ziti/quickstart/newfolder/ziti-cli.json
Hope that's enough of a hint for you
Oh, I realize I answered the question wrongly. You could choose to source the script from the web (like @markamind shows) every time with just running the same command (without the expressInstall function call)
source /dev/stdin <<< "$(wget -qO- https://raw.githubusercontent.com/openziti/ziti/release-next/quickstart/docker/image/ziti-cli-functions.sh)";
or you can just wget the file and put it somewhere ‘cached’:
wget -q -O /tmp/ziti-cli-functions.sh https://raw.githubusercontent.com/openziti/ziti/release-next/quickstart/docker/image/ziti-cli-functions.sh
then you can source THAT file when you want:
source /tmp/ziti-cli-functions.sh
I would get the latest ziti-cli-functions.sh now and then in case there’s bug fixes
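The caching approach from the post above, taken one step further as an added example (not part of the thread or of the OpenZiti project's scripts): the cached file is sourced only if its SHA-256 matches a digest you recorded after reviewing it, so a changed or tampered download is never executed in your shell. The function names, the cache path and the digest placeholder are assumptions; the URL is the one quoted in the thread.

```shell
#!/usr/bin/env bash
# Added example: pin-and-verify wrapper for a cached helper script.
# ZITI_FUNCS_URL is the URL from the thread; the cache path and the pinned
# digest below are placeholders (assumptions) that you fill in yourself.

ZITI_FUNCS_URL="https://raw.githubusercontent.com/openziti/ziti/release-next/quickstart/docker/image/ziti-cli-functions.sh"

# Print the SHA-256 of a file as lowercase hex (Linux or macOS tooling).
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# Source FILE only if its digest equals EXPECTED. Returns 0 on success,
# 1 if the file is missing, 2 on digest mismatch (nothing is sourced).
source_if_pinned() {
  local file="$1" expected="$2" actual
  [ -r "$file" ] || { echo "missing: $file" >&2; return 1; }
  actual="$(sha256_of "$file")"
  if [ "$actual" != "$expected" ]; then
    echo "digest mismatch for $file" >&2
    echo "  expected $expected" >&2
    echo "  actual   $actual" >&2
    return 2
  fi
  # shellcheck disable=SC1090
  . "$file"
}

# Download to a temp file, then move into place; never pipe into the shell.
fetch_to_cache() {
  local url="$1" dest="$2" tmp
  tmp="$(mktemp "${dest}.XXXXXX")" || return 1
  if wget -q -O "$tmp" "$url"; then mv "$tmp" "$dest"; else rm -f "$tmp"; return 1; fi
}

# Typical use (commented out so the block runs offline):
#   fetch_to_cache "$ZITI_FUNCS_URL" "$HOME/.ziti/ziti-cli-functions.sh"
#   sha256_of "$HOME/.ziti/ziti-cli-functions.sh"   # review the file, record this value
#   source_if_pinned "$HOME/.ziti/ziti-cli-functions.sh" "<pinned-sha256-placeholder>" && startZitiController
```

When you refresh the cached copy to pick up bug fixes, review the new file and record its new digest before sourcing it.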
hmmm! sounds good.
every time with just running the same command (without the expressInstall function call)
Yep, I did that in those ways. It'll be nice if we can add it to the docs as well so that one can't miss this step while starting ziti controller again. Thanks