1.0 Creating an EDP Application
To create an application in using Fortanix Rust EDP, refer to https://support.fortanix.com/hc/en-us/articles/360044746932-Bringing-EDP-Rust-Apps-to-Confidential-Computing-Manager.
On successful app creation, you will get SIGSTRUCT file of the application (details on the above link). After you get the Enclave SIGSTRUCT of the application build, proceed with the UI flow below.
2.0 Running an Application on Fortanix CCM
Step 1: Signup and Log in to Fortanix Confidential Computing Manager (CCM)
- Visit https://ccm.fortanix.com/ and signup.
- After your account is approved by the administrator, log in by entering your email id and password.
Figure 1: Logging In
Step 2: Create and Select an Account
- After you sign up and log in, you will be taken to the Accounts page. Click ADD ACCOUNT to create a new account.
Enter a name for the new account and optionally add a custom logo for the account. Click CREATE ACCOUNT to complete the account creation.
Figure 2: Create an Account
- After the account is created, click SELECT ACCOUNT to select the newly created account and start enrolling the compute nodes and creating applications.
Figure 3: Select an Account
Step 3: Add an EDP Application
Figure 4: Add EDP Application
- In the EDP application form, fill in the relevant details such as the Application name and Description (optional).
- Select a Fortanix CCM group for the application.
- Labels: To control which applications are allowed to run on which nodes, add Labels for applications and nodes in the form of “Key:Value” pairs.
- Add any certificate using the Certificate Configuration section.
- Enter the certificate domain. You can choose to add multiple certificates using the ADD A CERTIFICATE button. After you configure all the certificates, click CREATE to configure the image.
Figure 5: Add Application Details
Step 4: Create an EDP Application Image
- On the next screen, click + IMAGE button.
Figure 6: Add Application Image
- On the Add image form, enter all the required details.
- Image Version - Enter the valid version number of the image.
- Image Type - Select the required radio button for image type.
Enclave Configuration SIGSTRUCT - Choose one of the options to add the SIGSTRUCT details. The SIGSTRUCT for an enclave is generated when an application is signed. It is used to register the enclave with Fortanix CCM.
Figure 7: Create an EDP Application Image
- Click CREATE to create the EDP application image.
Step 5: Domain and Image Whitelisting
- An application whose domain is whitelisted will get a TLS Certificate from Fortanix CCM. Similarly, when an application runs from the converted image, the application will try to contact Fortanix CCM and ask for a TLS Certificate.
On the Tasks → Pending menu item, approve the pending requests to whitelist the domain and image.
Figure 8: Whitelist the Domain
Figure 9: Whitelist the Image
Step 6: Running the application
On a node running the Fortanix CCM Node Agent, start the application.
Figure 10: Deployed EDP Application