Starting the server

How to start the Docker container

Our Docker images can run on either CPU or on GPU.

If you have been provided the CPU image, you can choose to run it either on Intel processors or x86-64 compatible processors such as those from AMD.

Our software is highly optimised to run on the latest Intel CPUs (4th Gen Xeon - Sapphire Rapids or later).

As the first step, you need to load the Docker image from the provided file.

For Intel CPUs:

docker load -i sensecrypt-server-sdk-ov.tar

For non-Intel CPUs:

docker load -i sensecrypt-server-sdk.tar

For NVIDIA GPUs (Linux only):

docker load -i sensecrypt-server-sdk-cuda.tar

After loading the image, you can start the server via the script below. This script will start a docker container of the Server SDK image and copy the license and secrets information into that container:

Linux:

./start-docker-with-license.sh

Windows:

start-docker-with-license.bat

When you run the above script, it will prompt you to create an issuer's private key:

To enable the Face PKI functionalities of the server, you should type yes. This will make the server act as a Certificate Authority for issuing Face Certificates and also enable signing of issued SensePrints such that verifiers can verify that they are, indeed, issued by you. This will also create a file called keygen_output.txt. The output of the file is shown below:

********************************************
* This tool generates a new keypair that's *
* can be used with the server/mobile SDKs. *
* Once generated, set the private key as a *
* property called issuers_private_key in   *
* the secrets.json file for your server.   *
* Set the public key as a Constant in the  *
* example offline mobile app's source code.*
********************************************

--------------------------------------------

Public key:
AobPcidyYmSswvTitXFEkXUWBs1oUkRQ6lIUhe7dfdoQ

Private key:
v1ScMMYqPLUbFU5N6A4a+H9znA9+fi/WHWf61yivPts=

The public key shown in the file should be set in the constants of the offline mobile SDKs. You should also backup this file and store it at a secure location as it defines the private key of your server as a Certificate Authority.

Once the server is running, you can access the OpenAPI Swagger Docs page by going to a browser on the local machine via:

http://localhost:7777/docs

The Swagger Docs page is useful to test the web APIs from your browser. The Swagger framework allows developers to create interactive, machine and human-readable API documentation. It is the framework that REST API developers are most familiar with.

We also provide RapiDoc documentation that is better looking and easier to read:

http://localhost:7777/rapidoc

Every time a Docker container is restarted, it assumes a new ID. Since only 5 concurrent IDs are allowed (by default) in the license, you might encounter an error if you frequently start/stop the Docker images. Thus, it is recommended to start a Docker image only once and let it run.

PreviousSenseCrypt Server NextConfiguration

******************************************** * This tool generates a new keypair that's * * can be used with the server/mobile SDKs. * * Once generated, set the private key as a * * property called issuers_private_key in * * the secrets.json file for your server. * * Set the public key as a Constant in the * * example offline mobile app's source code.* ******************************************** -------------------------------------------- Public key: AobPcidyYmSswvTitXFEkXUWBs1oUkRQ6lIUhe7dfdoQ Private key: v1ScMMYqPLUbFU5N6A4a+H9znA9+fi/WHWf61yivPts=