Quickstart: Deploy a JavaScript application to an Azure Managed CCF resource

In this quickstart tutorial, you will learn how to deploy an application to an Azure Managed CCF (Managed CCF) resource. This tutorial builds on the Managed CCF resource created in the Quickstart: Create an Azure Managed CCF resource using the Azure portal tutorial.


  • OpenSSL on a computer running Windows or Linux.

Download the service identity

An Azure Managed CCF resource has a unique identity called the service identity. It is represented by a certificate and is created during the resource creation. Every individual node that is part of the Azure Managed CCF resource has its self-signed certificate, endorsed by the service identity, which establishes trust on it.

Customers are recommended to download the service identity certificate and use it to establish a TLS connection when interacting with the service. The following command downloads the certificate and saves it into service_cert.pem.

curl https://identity.confidential-ledger.core.azure.com/ledgerIdentity/confidentialbillingapp --silent | jq ' .ledgerTlsCertificate' | xargs echo -e > service_cert.pem

Deploy the application


When executing the commands on a Mac, replace date -Is with date +%FT%T%z.


This tutorial assumes that the JavaScript application bundle is created using the instructions available here.

  1. Submit the application bundle present in set_js_app.json by creating a proposal.
$ proposalid=$( (ccf_cose_sign1 --content set_js_app.json --signing-cert member0_cert.pem --signing-key member0_privk.pem --ccf-gov-msg-type proposal --ccf-gov-msg-created_at `date -Is` | curl https://confidentialbillingapp.confidential-ledger.azure.com/gov/proposals -H 'Content-Type: application/cose' --data-binary @- --cacert service_cert.pem | jq -r '.proposal_id') )
  1. The next step is to accept the proposal by submitting a vote.
cat vote_accept.json
  "ballot": "export function vote (rawProposal, proposerId)\n
    // Accepts any proposal\n
    return true;\n

ccf_cose_sign1 --content vote_accept.json --signing-cert member0_cert.pem --signing-key member0_privk.pem --ccf-gov-msg-type ballot --ccf-gov-msg-created_at `date -Is` --ccf-gov-msg-proposal_id $proposalid | curl https://confidentialbillingapp.confidential-ledger.azure.com/gov/proposals/$proposalid/ballots -H 'Content-Type: application/cose' --data-binary @- --cacert service_cert.pem
  1. Repeat the above step for every member in the Managed CCF resource.

When the command completes, the application is deployed to the Managed CCF resource and is ready to accept transactions.

Next steps