I want to install rpki validator as a validation software on a debian 11 VM.
I have installed rpki validator from this site How to Install an RPKI Validator | RIPE Labs. The installation went well but I can’t execute this command: curl -H “Accept: text/csv” localhost:8080/api/export.csv, it gives me curl: (7) Failed to connect to localhost port 8080: Connection refused.
Is it from my VM or from the installation of rpki-validator which was badly done?
Thank you in advance
Thanks for your question. These validators can be tricky to run, especially back in 2019 when the article was published.
The article describes the installation of four different RPKI validators. What validator did you install?
The URL/port/API they have to download the validated object content differs for each validator.
If you installed the RIPE NCC RPKI validator, I recommend picking a different one. The RIPE NCC RPKI validator was deprecated; there are better alternatives available.
I have installed the RIPE NCC RPKI Validator.
Is the routinator more recent?
routinator is easy to install and is well maintained.
The RIPE validator has been deprecated. routinator, fort, octorpki, and rpki-client are being maintained.
Thank you for your information.
I have chosen the routinator software to make my RPKI server.
But I have a question. I’m not sure if I should use TLS or SSH to set up my RTR server.
The choice of transport depends on what is supported and how much you trust the network between the router and RTR server. As far as I know the most commonly used methods are plaintext or SSH.
Of course it is important to think about the risks when using plaintext. If you trust the network, this limits the risk of using plaintext. On a less, or non-trusted network (worst, very unlikely case: public wifi) I would really want authentication/security.