Verifying the kbs directory tree structure

You must verify the structure of the kbs directory before proceeding with the deployment.

  1. Verify the structure of the kbs directory by running the following command:
    $ tree ~/kbs
    Example output
    ├── data
    │   ├── attestation-service
    │   │   └── opa
    │   │       └── default.rego
    │   ├── hdr
    │   │   └── hdr.bin
    │   ├── hkds
    │   │   └── HKD.crt
    │   ├── kbs-storage
    │   │   └── key
    │   ├── policy.rego
    │   └── rsa
    │       ├── encrypt_key.pem
    │       ├── encrypt_key-psw.pem
    │       └── encrypt_key.pub
    ├── kbs-config.toml
    ├── kbs.key
    ├── kbs.pem
    ├── localhost.key
    ├── localhost.crt
    ├── cosign.pub
    └── osc
    Table 1. Key and Certificate Usage

    Key / Certificate   Usage
    kbs.key             Part of the user auth key pair; used to perform admin operations on a Trustee using KBS Client
    kbs.pem             Public key of the user auth key pair; used with Trustee admin operations through KBS Client
    encrypt_key.pem     Verifier private RSA key used to decrypt agent payloads
    encrypt_key.pub     Public RSA key used by the Attestation Agent to encrypt payloads for the Verifier
    localhost.key       TLS private key for secure communication between SE PeerPod VM and the CCRV instance where KBS is deployed
    localhost.crt       Self-signed TLS certificate for communication between SE PeerPod VM and the CCRV instance where KBS is deployed
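
The check in step 1 can also be scripted. The following is an added example, not part of the original procedure or the product's tooling: it compares a directory against the paths in the example output and flags private-key files from Table 1 that are readable by group or others. The function name, the output labels, and the owner-only permission rule are assumptions of this example.

```shell
#!/bin/sh
# Added example: compare a kbs directory with the tree shown in the example output.
# Paths are copied from that output; nothing else about the layout is assumed.
KBS_EXPECTED="data/attestation-service/opa/default.rego
data/hdr/hdr.bin
data/hkds/HKD.crt
data/kbs-storage/key
data/policy.rego
data/rsa/encrypt_key.pem
data/rsa/encrypt_key-psw.pem
data/rsa/encrypt_key.pub
kbs-config.toml
kbs.key
kbs.pem
localhost.key
localhost.crt
cosign.pub
osc"

# Private-key files named in Table 1.
# Assumption of this example: they should be accessible by the owner only.
KBS_PRIVATE="kbs.key localhost.key data/rsa/encrypt_key.pem"

# verify_kbs_tree DIR
# Prints one line per finding and returns 0 only when nothing is flagged.
# Usage: verify_kbs_tree ~/kbs
verify_kbs_tree() {
    dir=$1
    problems=0
    for rel in $KBS_EXPECTED; do
        if [ ! -e "$dir/$rel" ]; then
            echo "MISSING  $rel"
            problems=$((problems + 1))
        fi
    done
    for rel in $KBS_PRIVATE; do
        [ -f "$dir/$rel" ] || continue
        # Characters 5-10 of the ls mode string are the group and other bits.
        bits=$(ls -ld "$dir/$rel" | cut -c5-10)
        if [ "$bits" != "------" ]; then
            echo "LOOSE    $rel (group/other bits: $bits)"
            problems=$((problems + 1))
        fi
    done
    [ "$problems" -eq 0 ]
}
```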