Configuring Spring Oauth2 with JWT & asymmetric RSA keypair
2017-06-20 15:39
471 查看
Step 1: Generate RSA key pair.
Here are the steps I took to create my RSA key pairs with Java keytoolcommand. Although I did this to configure my spring
oauth2 jwt application, of course, it is not only restricted to that.Lets create our java keystore(.jks) file:
$ keytool -genkeypair -alias mytestkey -keyalg RSA \ -dname "CN=Web Server,OU=Unit,O=Organization,L=City,S=State,C=US" \ -keypass changeme -keystore server.jks -storepass letmein
We generated a keypair named mytestkey with an RSA algorithm.
Option -keypass changeme is to access the specific keypair, which is mytestkey in
our case & -storepass letmein is to access the whole keystore file.
Export public key certificate file.
$ keytool -export -keystore server.jks -alias mytestkey -file example.cer
With this certificate file we can find get our public key in the next section.
Using openssl to
print the public key.
openssl x509 -inform der -in example.cer -pubkey -noout
This command will show the public key:
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Kd1vQNTLHLVhyMR0JHj Q3CxJ9Roi6aZTzUk/HDerxJ+1ey8CdX4zf8bFA9Fh21KTo 4000 jw87yt76A6GpCuru6P zxCou0GLPwFwKCS1SFcsysOMSxRAhgIssjujGnbC2Q0XPDpsGYJVavnHGZ7cI7Hn sXqHcL0dmbgEfI7NR7wCGHoo1NxjfwOQXtCGH3w/Tg2BLA3HNyRclrCfJuS3aj0y tr7tOWdzgguztH6E4xoqKdn7FEMMtBEsggw7Z4H8uziUy37Z7iOMTdmwZvbpMrns IUZElqnYcRFYLPRH5xsSl1Y129fAbW03WW63agzy9DWO5HhT44ePJDrkZqsEaHKw /QIDAQAB -----END PUBLIC KEY-----
Another way to achieve this using java code, which is bit more complex, is:
spring oauth2s
JwtAccessTokenConverter.
Step 2: Configure Spring Oauth2
Authorization server:.In your
application.ymlfile(note
that spacing is messed up below, you should have a proper spacing):
spring:
oauth2:
resource:
jwt:
keyValue: |
—–BEGIN PUBLIC KEY—–
MIIBIjANBgkqhkiG9…
—–END PUBLIC KEY—–
相关文章推荐
- [转]how to sign an assembly with a strong name & how to create a pair key怎样通过强名给程序集签名以及如何创建钥匙对?
- 'ft2232' interface using libftdi with 'jtagkey' layout (1457:5118)unable to open ftdi device
- The authenticity of host 'www.101du.net (60.210.17.34)' can't be established. RSA key fingerprint is xxxx. Are you sure you want
- No provisioning profiles with a valid signing identity (i.e. certificate and private key pair) match
- Dictionary、List<KeyValuePair<i>>的组合使用
- xcode 4.2 "XCode could not find a valid private-key/certificate pair for this profile" 解决方案
- Cannot insert duplicate key row in object 'dbo.DependencyNodeBase' with unique index 'ndx_Dependency
- how to sign an assembly with a strong name & how to create a pair key怎样通过强名给程序集签名以及如何创建钥匙对?
- 【OpenSSL】Generation of RSA key pair
- C++ AMP: restrict – a key new language feature introduced with C++ AMP
- With KEY & With Table KEY 的使用
- 删除ssh中旧的RSA&nbsp;key[转]
- The identity 'iPhone Developer' doesn't match any valid...key pair in your keychains
- KeyValuePair<byte, string> 类型的数据如何绑定到ComboBox控件上
- Unit 2-Lecture 3-4: Euler's Theorem & RSA Public key Encryption
- 解决 Agent admitted failure to sign using the key 问题 with ssh & repo
- iWatch报错: Fail to code sign "***" No valid signing identities (i.e. certificate and private key pair
- Debug System Hang with “magic SysRq key"
- Red Hat 操作系统 rpm 安装FTP提示"warning: rpmts_HdrFromFdno: Header V3 RSA/SHA256 Signature, key ID fd431d5"
- error C3225: generic type argument for 'T' cannot be 'System::Collections::Generic::KeyValuePair ^',