+1 for this. Currently, we are using the same keystore for Secure vault as well.
Thanks Godwin On Wed, Nov 8, 2017 at 2:18 PM, Danushka Fernando <[email protected]> wrote: > In real world we are deploying IS behind a LB. And we use SSL termination > at LB level. So most of the time, no one want's to install actual certs to > WSO2 servers. But since Users see the application with some proper cert so > to make SAML response sign with that cert, currently we have to install it > as the primary KeyStore in Carbon. IMHO we need to give the option of > changing it by letting users use a different KeyStore for response signing. > > WDYT? > > Thanks & Regards > Danushka Fernando > Associate Tech Lead > WSO2 inc. http://wso2.com/ > Mobile : +94716332729 <+94%2071%20633%202729> > > On Wed, Nov 8, 2017 at 2:10 PM, Godwin Shrimal <[email protected]> wrote: > >> Hi Dhanushka, >> >> AFAIK it's not possible to use different keystore for token signing. The >> same topic discussed sometime back in [1], it's not only for SAML, for >> other tokens as well. >> @IAM Team: Do we have consider that feature in our roadmaps ? >> >> [1] Architecture] Having separate keystore (private key) for each token >> signing in WSO2IS >> >> Thanks >> Godwin >> >> >> On Wed, Nov 8, 2017 at 8:52 AM, Danushka Fernando <[email protected]> >> wrote: >> >>> Hi All >>> >>> Currently in Identity Server we use server's primary keystore's primary >>> cert for response signing. Is it possible to use a different cert for this >>> somehow? >>> >>> Thanks & Regards >>> Danushka Fernando >>> Associate Tech Lead >>> WSO2 inc. http://wso2.com/ >>> Mobile : +94716332729 <+94%2071%20633%202729> >>> >>> _______________________________________________ >>> Dev mailing list >>> [email protected] >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >>> >> >> >> -- >> *Godwin Amila Shrimal* >> Associate Technical Lead >> WSO2 Inc.; http://wso2.com >> lean.enterprise.middleware >> >> mobile: *+94772264165* >> linkedin: *https://www.linkedin.com/in/godwin-amila-2ba26844/ >> <https://www.linkedin.com/in/godwin-amila-2ba26844/>* >> twitter: https://twitter.com/godwinamila >> <http://wso2.com/signature> >> > > -- *Godwin Amila Shrimal* Associate Technical Lead WSO2 Inc.; http://wso2.com lean.enterprise.middleware mobile: *+94772264165* linkedin: *https://www.linkedin.com/in/godwin-amila-2ba26844/ <https://www.linkedin.com/in/godwin-amila-2ba26844/>* twitter: https://twitter.com/godwinamila <http://wso2.com/signature>
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
