Menu
▾
▴
Re: [Unity-idm-discuss] Adding certificate in JWK endpoint
|
From: Roman K. <ro...@un...> - 2024-05-17 16:20:36
|
Hi Sander, This work has been ticketed but there is no timeline for it yet. Best regards, Roman śr., 15 maj 2024 o 08:46 Sander Apweiler <sa....@fz...> napisał(a): > Hi Krzysztof, > was this added in meantime or is it planned to be added? > > Best regards, > Sander > > On Fri, 2023-10-27 at 09:16 +0200, Krzysztof Benedyczak wrote: > > Hi Sander, > > > > W dniu 27.10.2023 o 07:14, Sander Apweiler pisze: > > > Hello Krzysztof, > > > hello Roman, > > > > > > one of our connected clients is using Ceph as storage backend and > > > it > > > requires the certificate which was used to sign the token. > > > According to > > > > https://openid.net/specs/openid-connect-discovery-1_0-21.html#ProviderMetadata > > > and https://datatracker.ietf.org/doc/html/rfc7515#section-4.1.6 > > > certificates can be added as optional x5c attribute. > > > Since I didn't find anything in the manual and nothing endpoint > > > configuration, I assume it is not (yet) possible. Can you correct > > > me if > > > I'm wrong or give your thought about possible extension? > > > > > Yes, Unity only puts bare keys in oidc metadata. > > > > Yes, enhancement to also add a full certificate looks fine. > > > > Best, > > Krzysztof > > > > -- > Large-Scale Data Science > Juelich Supercomputing Centre > > phone: +49 2461 61 8847 > fax: +49 2461 61 6656 > email: sa....@fz... > > ----------------------------------------------------------------------- > ----------------------------------------------------------------------- > Forschungszentrum Juelich GmbH > 52425 Juelich > Sitz der Gesellschaft: Juelich > Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498 > Vorsitzender des Aufsichtsrats: MinDir Stefan Müller > Geschaeftsfuehrung: Prof. Dr. Astrid Lambrecht (Vorsitzende), > Karsten Beneke (stellv. Vorsitzender), Dr. Ir. Pieter Jansens > ----------------------------------------------------------------------- > ----------------------------------------------------------------------- > > > _______________________________________________ > Unity-idm-discuss mailing list > Uni...@li... > https://lists.sourceforge.net/lists/listinfo/unity-idm-discuss > |
