The certificates are signed by a publicly trusted CA, similar to any other site that uses HTTPS.

You get:

1. A hostname (Common Name in the certificate) that is under Beame's domain.
2. A matching certificate.
3. A pair of keys of course

Credentials, that you create while using Beame SDK, can be used for TLS on your server, or any other relevant purpose, such as authentication and encryption.
Beame.io provisioning handles ... the provisioning of certificates.

Our tunnel servers (the edge servers) allow routing of traffic to your servers even when your servers don't have a routable IPs.

1. run npm install -g beame-sdk

2. Go to https://registration.beameio.net/ with a regular web browser.

3. Put in your name and email, and wait for a confirmation email.

4. In the confirmation email, you should see a command that looks like this, run it:

   beame creds createDeveloper --developerFqdn nc6qd6e6w0vd8hw5.v1.beameio.net --uid XXXXX-5a45-4165-a3cb-fb4060e46671

Please note, that this diagram, was designed to show how the service works. Important to understand, that beame SSL proxies are transparent, data passes thru them without being touched.

See larger network diagram

At the end of each of the following steps you will be provided with a hostname under Beame's domain and a matching publicly trusted x509 certificate. The keys for the certificates are generated and stored locally on your computer. The keys do not leave your computer (unless you intentionally export them).

1. Register as a developer
2. Create an atom (an application) under the developer
3. Create an edge client (a user server) under the atom

At this point you can proceed with any of the following actions:

• Run a server (aka edge client) with a publicly trusted x509 certificate
• Sign arbitrary data with any of your certificates
• Check signatures of arbitrary data
• Encrypt arbitrary data so that only a specified entity can decrypt it
• Decrypt arbitrary data, that was sent to one of the entities you own (encrypted with one of your public keys)

npm install -g beame-sdk

Bash completion is available, run beame to see instructions.

First ensure, that your bash version is 4.3 or higher (echo $BASH_VERSION). If not - upgrade it. Care to replace 4.3.46 from snippets below by your new bash version.
brew update && brew install bash
Add new shell to available shells
sudo bash -c 'echo /usr/local/Cellar/bash/4.3.46/bin/bash >> /etc/shells'
Change to the new shell
chsh -s /usr/local/Cellar/bash/4.3.46/bin/bash

Open new terminal and run:

brew tap homebrew/versions
brew rm bash-completion
brew install bash-completion2

Add following instructions to your .bashrc file (if you don't have .bash_profile in your Home directory, create one :)

if [ -f $(brew --prefix)/share/bash-completion/bash_completion ]; then
    . $(brew --prefix)/share/bash-completion/bash_completion
fi

source /usr/local/lib/node_modules/beame-sdk/src/cli/completion.sh

Open new terminal and begin using beame-sdk cli with auto-completion.

• BEAME_DIR (defaults to ~/.beame) - Beame.io SDK data directory - all created credentials

The structure of the Beame data folder is an implementation detail. You should not work with it directly. Use provided APIs or CLI to store and retrieve the data.

If you have completed the "Getting Started The Easy Way" above, you can feel free to use all what's described below At any moment, using beame-sdk, you can see all credentials you currently own, by running: beame creds show

The following commands are used for acquiring and manipulating certificates.

• beame creds list [--type {developer|atom|edgeclient}] [--fqdn fqdn] [--format {text|json}] - list certificates
• beame creds show [--type {developer|atom|edgeclient}] [--fqdn fqdn] [--format {text|json}] - show certificate details
• beame creds createAtom --developerFqdn developerFqdn --atomName atomName [--format {text|json}] - create atom entity under current developer
• beame creds createEdgeClient --atomFqdn atomFqdn [--format {text|json}] - create edge client entity under the given atom
• beame creds renew [--type {developer|atom|edgeclient}] [--fqdn fqdn]
• beame creds purge [--type {developer|atom|edgeclient}] [--fqdn fqdn]

• beame servers HttpsServerTestStart --edgeClientFqdn edgeClientFqdn - run a HTTPS server for the specified hostname

• beame crypto encrypt [--data data] [--fqdn fqdn] - encrypts the given data so that only the owner of the specified entity can decrypt it
• beame crypto decrypt [--fqdn fqdn] [--data data] - decrypts the given data. You must be the owner of the given entity
• beame crypto sign [--data data] [--fqdn fqdn] - signes the given data as the specified entity
• beame crypto checkSignature [--fqdn fqdn] [--data data] --signature signature - verifies the correctness of the signature

##############################################################################

###The idea behind the node.js sdk APIs is that you can employ Beame.io CLI functionality in your own node js project. ###Receive publicly trusted cert with pseudo-random routable hostname and run your new SSL server in the same flow (or later, whenever you see it fit).

Provided APIs should be used after you have performed first two steps described above: global npm install beame-sdk and email based developer creation.

Exported nodeJS APIs allow creation of 2 levels of credentials:

• atom - application under developer
• edgeClient - host under atom, intended to be exposed to the outer world

Current SDK release indends extensive CLI usage (see description above). So nodeJS APIs provide high level of access.
Be aware, that API on each level require credentials created on previous/higher level:
To use any API from beame-sdk include

var beameSDK = require ("beame-sdk");

    beameSDK.creds.createAtom(devHostname,appName, amount, function(data){//amount - number of atoms to create
        //atom level hostname returned in: <data.hostname>
    });

    beameSDK.creds.createEdgeClient(atomHostname, amount, function(data){//amount - number of edgeClient to create
        //edge level hostname returned in: <data.hostname>
    });

###Beame-sdk provides example https server, that allows beame client to build and run fully functional https server with express support and with credentials created in steps described above

Export environment variable 'BEAME_PROJ_YOURPROJECTNAME' with value of edge-client-hostname (edgeClientFqdn) In your server main.js create your server with following command:

    	var BeameServer = beameSDK.BaseHttpsServer.SampleBeameServer(host, PROJECT_NAME, appExpress,
        function (data, app) {
            //your code
        });

*host - edge hostName (pass if you use environment variable - see below)
*PROJECT_NAME - name of environment variable that contains edgeClient hostname (pass if you provided full hostname in first parameter)
*appExpress - express object. If you don't need express in your pplication, pass
*function(data,app){} - callback, returned app - created http object

Install Beame SDK by running in terminal:npm install beame-sdk -g

Register as developer in: https://registration.beameio.net/
Upon receiving confirmation e-mail, copy-paste-run a command provided in e-mail body, should look like:
beame creds createDeveloper --developerFqdn nc6qd6e6w0vd8hw5.v1.beameio.net --uid XXXXX-5a45-4165-a3cb-fb4060e46671 Create web page with you preferred software (like Keynote -> export HTML on Mac).
Store your new web page in public folder in directory of your future web server.
Run npm init in project directory (enter to all options that npm asks)
In same location install npm install beame-sdk -save
Install express package by npm install express -save
Create index.js and copy-paste into it code below.
Run it with node index.js
In console output you will see something like:
Server started on: https://h3a6ipg1jz95x35n.v1.r.p.edge.eu-central-1b-1.v1.p.beameio.net { Hostname: 'h3a6ipg1jz95x35n.v1.r.p.edge.eu-central-1b-1.v1.p.beameio.net' }

Go to web brower and direct it to your new secure web server by copying https://hostname from console output
That's that. You have your own https server running on your local machine, available from allover the world :)

"use strict";
var beameSDK = require ("beame-sdk");
var express = require('express');
var devHostname = "put-here-developer-name-you-got-from-creating-developer";
var appName = "MyBeameTestServer";
var appExpress = express();
var edgeHostname;
appExpress.use(express.static(__dirname + '/public'));

var runTestBeameServer = function(){
    beameSDK.BaseHttpsServer.SampleBeameServer(edgeHostname, null, appExpress, function (data, app) {
        console.log('Server started on: https://'+edgeHostname);
        appExpress.get('/', function(req, res) {
            res.sendFile(path.join(__dirname + '/index.html'));
        });
            // process http events here with <app> if needed
    });
};

beameSDK.creds.createAtom(devHostname,appName, 1, function(data){
	console.log('Just created atom with host:'+data.hostname);
	beameSDK.creds.createEdgeClient(data.hostname, 1, function(edgeData){
		edgeHostname = edgeData.hostname;
		console.log('Congrats! My new hostname is: '+ edgeHostname);
		setTimeout(runTestBeameServer, 2000);//JIC - wait dns to update
	});
});

#Copy-paste example of https server with express support

Below code snippet is actually a part of larger code above. So it requires all needed installations (npm/express/beame-sdk/placing-html-files-in-public-folder) to be performed prior to run.
In order to see credentials that you have created, use beame creds list in terminal. Hostname, that is listed in row named edgeclient ,is the one, that you'll need to provide to SampleBeameServer as hostname.

"use strict";
var beameSDK = require ("beame-sdk");
var express = require('express');
var appExpress = express();
var hostname = "h3a6ipg1jz95x35n.v1.r.p.edge.eu-central-1b-1.v1.p.beameio.net";
appExpress.use(express.static(__dirname + '/public'));

var runTestBeameServer = function(){
    beameSDK.BaseHttpsServer.SampleBeameServer(hostname, null, appExpress, function (data, app) {
        console.log('Server started on: https://'+hostname);
    });
};
runTestBeameServer();