WSO2carbon 的 RSA 公钥 [英] RSA Public Key of WSO2carbon

问题描述

我正在从 WSOAM 生成 JWT 令牌，然后将其作为标头传递给 API.我在 nodejs 中创建了我的 API，我正在使用 jsonwebtoken 插件来验证和解码 JWT.

I am generating JWT token from WSOAM which is then passed as a header to API. I have my API created in nodejs and I am using jsonwebtoken plugin to verify and decode the JWT.

我无法找到 Wso2carbon 的 RSA 公钥来验证/解码令牌.

I am unable to find RSA Public key of Wso2carbon to verify/decode the token.

请帮助我如何生成 RSA 公钥或者我应该在哪里找到这个密钥?

Please help me as how to generate the RSA Public key or where should I find this key ?

推荐答案

所有 WSO2 产品都使用安装在 wso2carbon.jks 密钥库 文件位于 <WSO2_AM>/repository/resources/security 目录中.建议使用您自己的密钥库，而不是所有 WSO2 产品随附的默认密钥库.

All WSO2 products use the default public/private key pairs installed into wso2carbon.jks keystore file found in <WSO2_AM>/repository/resources/security directory. It's advised to use your own keystore instead of this default keystore shipped with all WSO2 products.

建议将此默认密钥库替换为新的密钥库具有自签名或 CA 签名证书的产品部署在生产环境中.这是因为 wso2carbon.jks 是可用于开源 WSO2 产品，这意味着任何人都可以拥有访问默认密钥库的私钥.

It is recommended to replace this default keystore with a new keystore that has self-signed or CA signed certificates when the products are deployed in production environments. This is because wso2carbon.jks is available with open source WSO2 products, which means anyone can have access to the private key of the default keystore.

如果您要使用默认的私钥/公钥，请使用以下命令提取密钥.

If you are going to use the default private/public keys, use the following command to extract the key.

keytool -export -keystore <WSO2_AM>/repository/resources/security/wso2carbon.jks -alias wso2carbon -file Example.cer

这篇关于WSO2carbon 的 RSA 公钥的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！