IdentityServer4 AddSignerCredentials RSA示例 [英] IdentityServer4 AddSignerCredentials RSA example
问题描述
准备将IdentityServer4设置从开发阶段转移到测试阶段,我需要从AddDeveloperCredentials()迁移AddSignerCredentials().我可以生成一个私有和公共的RSASecurityKey,但是不清楚要传递给AddSignerCredentials()的RsaSecurityKey是什么.发现端点以某种方式知道公钥,但是我们想用私钥对令牌进行签名.似乎都不起作用
Getting ready to move our IdentityServer4 setup from dev to test and I need to get the AddSignerCredentials() piece migrated from AddDeveloperCredentials(). I can generate a private and public RSASecurityKey but I'm unclear as to what RsaSecurityKey to pass to AddSignerCredentials(). The discovery endpoint somehow knows about the public key, but we'd want to sign tokens with the private key. Neither seems to work
在我错过的文档中的某个地方有一个如何使用它的示例吗?
Is there an example of how to use this somewhere in the documentation that I missed?
推荐答案
-
在命令提示符中使用以下演示命令,使用openSSL创建证书:
Use openSSL to create the certificate using the following demo command in your command prompt:
->OpenSSL req -x509 -newkey rsa:4096 -sha256 -nodes -keyout
IdentityServer4.key -out IdentityServer4.crt -subj
"/CN=IdentityServer4.com" -days 3650
->OpenSSL pkcs12 -export -out IdentityServer4.pfx -inkey
IdentityServer4.key -in IdentityServer4.crt -certfile IdentityServer4.crt
将该证书安装到您当前的用户配置文件中.
Install that certificate to your current user profile.
替换
AddDeveloperSigningCredential()
使用
AddSigningCredential("ThumbprintOfCertificate", StoreLocation.CurrentUser,NameType.Thumbprint)
就是这样.
这篇关于IdentityServer4 AddSignerCredentials RSA示例的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
