UNCREW-11-Inventory-Service PoC inventory-service

Andi Lamprecht ·2026-05-11· 1 min read· Accepted

ADR-0106 · Author: Sybil Melton · Date: 2025-02-07 · Products: uncrew
Originally UNCREW-11-Inventory-Service_PoC_inventory-service (v15) · Source on Confluence ↗

How to Run

Avatar service

go run cmd/avatar/main.go

Mavlinkshim simulator

go run cmd/mavlinkshim/main.go

Dependecies

https://github.com/cloudflare/cfssl

CFSSL is CloudFlare’s PKI/TLS swiss army knife. It is both a command line tool and an HTTP API server for signing, verifying, and bundling TLS certificates.

go get github.com/cloudflare/cfssl/cmd/cfssl

brew install openssl

Generate certificates

Generate the CA

It will generate ca.pem and ca-key.pem

cfssl genkey -initca ca-csr.json | cfssljson -bare ca

Generate a server certificate

cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -profile=server server-csr.json | cfssljson -bare server

Generate a client certificate:

cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -profile=client client-csr.json | cfssljson -bare client

Revoke certificate

Create a file with list of serial number revoked certificates. One line per serial number. Bigint format.

Serial number 78:85:2b:34:aa:ec:2d:7e:35:fd:f6:c4:24:d1:76:43:78:85:97:11 is equal to 688048655360438525415147708698897550585696196369

How to transform serial number to bigint

python3

>>> int('78852b34aaec2d7e35fdf6c424d1764378859711', 16)
688048655360438525415147708698897550585696196369

How to get serial number:

openssl x509 -in client.pem -text -noout

Generate crl.pem

cfssl gencrl revoke.pem ca.pem ca-key.pem

and add to file

-----BEGIN X509 CRL----- 
-----END X509 CRL-----

Last updated on May 11, 2026

Apollo SEC Frontend Apollo Avatar