Versions Compared

Old Version 1

changes.mady.by.user Unknown User (m.schadd)

Saved on

compared with

New Version 2

changes.mady.by.user Unknown User (m.schadd)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The Blueriq JWT authentication provider currently only supports 'SHA256withRSA' to cryptographically sign the JWTs. The RSA private key and X.509 certificate are loaded from a Java keystore. Generated JWTs expire one hour after they are generated. It is entirely up to the receiving system to validate the JWTs. Use the 'x5t#S256' or 'x5t' certificate thumbprint header to select the correct RSA public key for signature validation.

Key store example

 

Code Block
<JAVA_HOME>\bin\keytool -list -keystore test_keystore.jks
Enter keystore password:

Keystore type: JKS
Keystore provider: SUN

Your keystore contains 2 entries

blueriq_test_only_cert, 12-nov-2015, trustedCertEntry,
Certificate fingerprint (SHA1): EA:1A:31:BB:6C:A5:70:B0:A8:CB:BA:18:CA:AD:D4:6A:D1:0A:50:99
blueriq_test, 11-nov-2015, PrivateKeyEntry,
Certificate fingerprint (SHA1): 55:BD:8F:4A:97:B4:76:FB:02:D6:6B:50:AC:D7:94:13:86:FC:91:4B

...