A set of VNFs for demonstrating multi-context security approaches and how they can interact within a datacenter environment and beyond. The VNFs provide clients and servers based on the original multi-context TLS (mcTLS) proposal, as well as a gateway for interworking through pure TLS connections. Support for different methods of key and certificate management (including ACME) is provided.
- Ubuntu 14.04 LTS Server
- mcTLS or mctls local repository folder
The following figure shows the layout, with three VMs: one client, one web server and the mcTLS Proxy VNFs for the datacenter.
- Install Ubuntu and mcTLS in each VM.
- Install the Apache web server in the server VM.
- Upload the files into the corresponding VM.
- Recompile the mcTLS Proxy VNF with the newly uploaded code, following the mcTLS install process.
Files to upload
Standard web server VM (server)
Copy the files from the server local repository folder and start the Apache2 server with TLS 1.2 support.
Middlebox VNF (proxymcTLS)
Copy the files from the proxymcTLS local repository folder. This is the core VNF, and it includes several components:
- mcTLS middlebox, based on the original mcTLS
- mcTLS proxy: a modified version of the original mcTLS server with proxy functionality. It ends the mcTLS session, extracts the HTTP payload and encapsulates it in a standard TLS session
- TLS client
Copy the files from the client local repository folder and use the mcTLS command-line client.
- Update the configuration files
- Move to the evaluation folder
- Start the processes in the following order:
- proxyTLS (middlebox & proxy)
- Run test from client.