On Tue, Jul 14, 2015 at 9:52 AM, Ishara Karunarathna <isha...@wso2.com> wrote:
> Hi, > > On Mon, Jul 13, 2015 at 6:44 PM, Nadeesha Meegoda <nadees...@wso2.com> > wrote: > >> Hi all, >> >> I have a concern regarding the steps followed when configuring a New Key >> store in ES where ES authenticates via IS. >> > I think you have configured SSO with SAML. > >> >> These are the steps followed : >> >> 1. Created a Key store for ES, Imported the key to Client Trust store in >> ES >> 2. Configured ES to work with the new Key store >> 3. Added the ES key to IS Client Trust Store - Note that IS is having the >> default wso2carbon.jks >> > > Here you have created a new keystore and import your public key to your > existing client-truststore.jks > > And to work sso scenario you will have to import public cert of IS to your > new keystore > Normally we add certificates from other parties that we expect to communicate with , to trust store (trust store of ES in this case). So instead of doing so, why do we have to add it to key store of ES ? > > Thanks, > Ishara > >> >> We thought following the above steps will be enough for the Key store >> configurations since ES has the default wso2carbon.jks imported to its >> Client Trust store anyway. >> >> However ES login via IS was not successful due to *not* having the IS >> public key details imported into the key that I created in ES.So ultimately >> the data decryption didn't happen successfully. My concern is that All the >> third party public keys should be imported in to the client trust store not >> to the main key itself. What we do here is we are importing the IS public >> key details to the main key of ES. >> >> My question is do we need to follow all the above with importing the IS >> public key to the main key of ES or 1,2,3 steps would be enough for the New >> key store to work? >> >> >> Thanks & Regards, >> Nadeesha >> >> -- >> *Nadeesha Meegoda* >> Software Engineer - QA >> WSO2 Inc.; http://wso2.com >> lean.enterprise.middleware >> email : nadees...@wso2.com >> mobile: +94783639540 >> <%2B94%2077%202273555> >> >> _______________________________________________ >> Dev mailing list >> Dev@wso2.org >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> > > > -- > Ishara Karunarathna > Senior Software Engineer > WSO2 Inc. - lean . enterprise . middleware | wso2.com > > email: isha...@wso2.com, blog: isharaaruna.blogspot.com, mobile: > +94717996791 > > _______________________________________________ > Dev mailing list > Dev@wso2.org > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- *Pavithra Madurangi* Associate Technical Lead - QA. WSO2 Inc.: http://wso2.com/ Mobile: 0777207357 / 0112747089
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev