Manifest definition file
The c2patool reads a manifest definition JSON file with a
.json extension. This file defines a single manifest to be added to an asset's manifest store.
In the manifest definition file, file paths are relative to the location of the file unless you specify a
The example below is a snippet of a manifest definition that inserts a CreativeWork author assertion. This example uses the default testing certificates in the sample folder that are also built into the c2patool binary. Copy this JSON into a file to use as a test manifest.
NOTE: When you don't specify a key or certificate in the manifest
sign_cert fields, the tool will use the built-in key and cert. You'll see a warning message, since they are meant for development purposes only. For actual use, provide a permanent key and certificate in the manifest definition or environment variables; see Creating and using an X.509 certificate.
The following manifest properties are specific to c2patool and used for signing manifests:
alg: Signing algorithm to use. See Creating and using an X.509 certificate for possible values. Default:
private_key: Private key to use. Default:
sign_cert: Signing certificate to use. Default:
ta_url: Time Authority URL for getting a time-stamp (for example,
http://timestamp.digicert.com). A time-stamp provides a way to confirm that the manifest was signed when the certificate was valid, even if the certificate has since expired. Howver, the Time Authority URL requires a live online connection for confirmation, which may not always be available.
"name": "Joe Bloggs"