OneLogin for Java:配置证书和PK
如何准确配置证书和PK 为了安全起见,我可能不想在源代码中保留我的PK。那么如何指定自定义路径呢 但与此同时,这是正确的吗OneLogin for Java:配置证书和PK,java,saml,onelogin,Java,Saml,Onelogin,如何准确配置证书和PK 为了安全起见,我可能不想在源代码中保留我的PK。那么如何指定自定义路径呢 但与此同时,这是正确的吗 # Usually x509cert and privateKey of the SP are provided by files placed at # the certs folder. But we can also provide them with the following parameters onelogin.saml2.sp.x509cert = ----
# Usually x509cert and privateKey of the SP are provided by files placed at
# the certs folder. But we can also provide them with the following parameters
onelogin.saml2.sp.x509cert = -----BEGIN CERTIFICATE-----
MIICQjCCAaugAwIBAgIEJC7VoDANBgkqhkiG9w0BAQsFADBUMQswCQYDVQQGEwJV
...
rYsMZmOthlq9nzyvTgYPWUozUX2PsUvrWDOehtulcfO9GbT7TqhSfs96RWoAJlpx
DVnF33gs
-----END CERTIFICATE-----
# Requires Format PKCS#8 BEGIN PRIVATE KEY
# If you have PKCS#1 BEGIN RSA PRIVATE KEY convert it by openssl pkcs8 -topk8 -inform pem -nocrypt -in sp.rsa_key -outform pem -out sp.pem
onelogin.saml2.sp.privatekey = -----BEGIN PRIVATE KEY-----
MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAKUKJ+2aDsroFdbv
...ZKL4hvtee3nRwXyjjVdeXF9vZrbqSAkVdRt+RnqtqvvHTkpUWWoHWhNT8ijyLvst
+L8dfnvBv2S6hg==
-----END PRIVATE KEY-----
Simon目前,java saml只能从设置文件中读取SP公钥/私钥。支持从文件中读取它们是我们想要实现的,但无法告诉您何时准备好 设置上的属性必须位于一个唯一的行中,因此您的值是错误的 当使用HTTP-POST绑定发送SAMLResponse时,指纹是一种更简单的方法,可以提供一种验证SAMLResponse签名的方法(在使用HTTP重定向绑定发送的SAML消息上无效)