From: Sander A. <sa....@fz...> - 2024-05-15 06:46:26
|
Hi Krzysztof, was this added in meantime or is it planned to be added? Best regards, Sander On Fri, 2023-10-27 at 09:16 +0200, Krzysztof Benedyczak wrote: > Hi Sander, > > W dniu 27.10.2023 o 07:14, Sander Apweiler pisze: > > Hello Krzysztof, > > hello Roman, > > > > one of our connected clients is using Ceph as storage backend and > > it > > requires the certificate which was used to sign the token. > > According to > > https://openid.net/specs/openid-connect-discovery-1_0-21.html#ProviderMetadata > > and https://datatracker.ietf.org/doc/html/rfc7515#section-4.1.6 > > certificates can be added as optional x5c attribute. > > Since I didn't find anything in the manual and nothing endpoint > > configuration, I assume it is not (yet) possible. Can you correct > > me if > > I'm wrong or give your thought about possible extension? > > > Yes, Unity only puts bare keys in oidc metadata. > > Yes, enhancement to also add a full certificate looks fine. > > Best, > Krzysztof > -- Large-Scale Data Science Juelich Supercomputing Centre phone: +49 2461 61 8847 fax: +49 2461 61 6656 email: sa....@fz... ----------------------------------------------------------------------- ----------------------------------------------------------------------- Forschungszentrum Juelich GmbH 52425 Juelich Sitz der Gesellschaft: Juelich Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Stefan Müller Geschaeftsfuehrung: Prof. Dr. Astrid Lambrecht (Vorsitzende), Karsten Beneke (stellv. Vorsitzender), Dr. Ir. Pieter Jansens ----------------------------------------------------------------------- ----------------------------------------------------------------------- |