-- create a keypair for the server (scripts/generateKeys.sh)
-- create a truststore for the server (scripts/generateTruststore.sh)
+- use cacert-nre to generate a roots structure
+- extract the gigi-*.tar.gz file into "config"
+- execute "generateTruststore.sh" there
+- extract the signer-server-*.tar.gz into "signer"