Encryption 使用keytool生成密钥对,处理PKCS1 v1.5/解密失败
我需要将我们的SimpleSAMLphp SP连接到客户SAML2.0 IdP。我们以前做过几次,效果很好。通常,我们客户的证书是使用OpenSSL创建的,我们以前没有遇到过任何问题 我们当前的客户正在使用JavasEncryption 使用keytool生成密钥对,处理PKCS1 v1.5/解密失败,encryption,saml-2.0,keytool,simplesamlphp,pkcs#1,Encryption,Saml 2.0,Keytool,Simplesamlphp,Pkcs#1,我需要将我们的SimpleSAMLphp SP连接到客户SAML2.0 IdP。我们以前做过几次,效果很好。通常,我们客户的证书是使用OpenSSL创建的,我们以前没有遇到过任何问题 我们当前的客户正在使用Javaskeytool为元数据交换生成证书 已使用以下命令生成证书: keytool -genkeypair -keystore saml.jks -alias idp-signing -dname "cn=idp-signing-INT" -validity 1825 -keyalg RS
keytoolkeytool -genkeypair -keystore saml.jks -alias idp-signing -dname "cn=idp-signing-INT" -validity 1825 -keyalg RSA -sigalg SHA256withRSA -keysize 2048
keytool -list -v -keystore saml.jks -alias idp-signing
Alias name: idp-signing
Creation date: 27-Jun-2017
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=idp-signing-INT
Issuer: CN=idp-signing-INT
Serial number: 5f09e950
Valid from: Tue Jun 27 12:00:34 CEST 2017 until: Sun Jun 26 12:00:34 CEST 2022
Certificate fingerprints:
MD5: 85:E8:5D:EB:11:9B:CA:3C:02:06:65:A7:82:A4:4B:2B
SHA1: 41:79:18:80:65:C4:D6:27:CD:27:05:11:AD:5A:43:33:60:C7:89:AA
SHA256: 65:53:6E:FD:98:1E:0E:FE:B8:0F:50:11:EC:9A:06:FD:7C:27:F5:F5:D6:C8:11:AB:FA:D6:CE:80:86:09:CC:DF
Signature algorithm name: SHA256withRSA
Version: 3
Extensions:
#1: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 7C 88 3B 15 B4 22 FD 83 B6 BE 35 7F 3E E4 72 1E ..;.."....5.>.r.
0010: 30 7C 84 89 0...
]
]
解密失败:算法禁用keytool