PhenixID

Step by Step – Construct JSON Web Key Set (jwks)

Summary

This document describes how to create a JSON Web Key Set (JWKS) for your keystore.

System Requirements

  • Public certificate of keystore, in PEM format

Instruction

1. Get the public certificate for the JWT signing key (in PEM format).
2. Go to https://8gwifi.org/jwkconvertfunctions.jsp, upload the PEM content and generate the JWK.
3. Copy the resulting JSON. Example:
{"kty":"RSA","e":"AQAB","kid":"7bd27b3f-651f-4d76-83ea-22f15e4564ae","n":"vMlaMKpqX3iqbbooKhR43igvwlYgDHsZ24AmHW6PWrSHNPG9-ZVd-uLk6ZGn7qYAHsU4vV9RjrihDOCioAEEPdbEjyXrs-6-mORDeRzv3RF7bkF29U8GdhRrwxBGnhYoEMjQC8Z1K4Vsn8EnHlN3r-I_kGxqUbl-zH2E-gWW5q1sldPo_5iB6vXXy3KePMH0z4elV6NYhwmEFbZ92RRz-6BbW_8ciYutnbxaq7JxGxZH5kTfrEZoHybQvdI4z724zLFB2ipmIffRaytuntTdk_HMWbB_918doaRNYy_U6Ja1fmEOV3RXyUR3gKBtM1-67be9tpDDgCavnjQaUV13ow"}

4. Open the .crt file and copy the certificate data (without the BEGIN and END rows). Remove all line breaks. Make sure there are no spaces.
Result: the certificate data as one continuous line.

This will be used as the "x5c[0]" value in the keys file.

5. Edit the JSON from step 3.
Add these parameters:
"alg" : "RS256",
"use" : "sig",
"x5c": [
"<content_from_point_4_above>"
]

6. Validate the resulting JSON syntax using an online tool (such as jsonlint).
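
Steps 4 to 6 can also be done locally with a short script. The Python below is an added example, not PhenixID code: the function names, the sample PEM and the sample JWK are constructed for illustration, and the {"keys": [...]} wrapper is the JWK Set container defined in RFC 7517. It also checks that the pasted certificate data is complete before it is used as x5c[0].

```python
import base64
import json
import re
import textwrap

PEM_RE = re.compile(r"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", re.S)

def der_declared_length(der: bytes) -> int:
    """Total size the outer DER SEQUENCE header says the certificate should have."""
    if len(der) < 2 or der[0] != 0x30:
        raise ValueError("not a DER SEQUENCE")
    if der[1] < 0x80:                      # short-form length
        return 2 + der[1]
    n = der[1] & 0x7F                      # long form: next n bytes hold the length
    if n == 0 or len(der) < 2 + n:
        raise ValueError("bad DER length field")
    return 2 + n + int.from_bytes(der[2:2 + n], "big")

def pem_to_x5c(pem: str) -> str:
    """Step 4: drop the BEGIN/END rows and every space or line break."""
    match = PEM_RE.search(pem)
    if match is None:
        raise ValueError("no CERTIFICATE block found")
    b64 = "".join(match.group(1).split())
    der = base64.b64decode(b64, validate=True)   # x5c is standard base64, padding kept
    if der_declared_length(der) != len(der):
        raise ValueError("certificate data is truncated or has trailing bytes")
    return b64

def build_jwks(jwk_json: str, pem: str) -> str:
    """Steps 5 and 6: add alg/use/x5c, then emit syntactically valid JSON."""
    jwk = json.loads(jwk_json)             # rejects curly quotes and other bad syntax
    if not isinstance(jwk, dict) or jwk.get("kty") != "RSA" or not {"n", "e"} <= jwk.keys():
        raise ValueError("expected an RSA public JWK with n and e")
    jwk.update({"alg": "RS256", "use": "sig", "x5c": [pem_to_x5c(pem)]})
    return json.dumps({"keys": [jwk]}, indent=2)   # RFC 7517 JWK Set container

# Constructed sample input: a 131-byte DER SEQUENCE of filler, not a real certificate.
SAMPLE_DER = b"\x30\x81\x80" + bytes(range(128))
SAMPLE_PEM = ("-----BEGIN CERTIFICATE-----\n"
              + "\n".join(textwrap.wrap(base64.b64encode(SAMPLE_DER).decode(), 64))
              + "\n-----END CERTIFICATE-----\n")
# Constructed JWK as produced in step 3; kid and n are placeholders.
SAMPLE_JWK = '{"kty":"RSA","e":"AQAB","kid":"example-kid","n":"constructed-modulus"}'

if __name__ == "__main__":
    print(build_jwks(SAMPLE_JWK, SAMPLE_PEM))
```

Note that x5c uses standard base64 with padding, while the n and e members use base64url without padding, so the two must not be converted into each other's alphabet.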

Example

https://integration.phenixid.se/oidc/t1/keys

