Hello,

I have enabled PKI tokens on my Keystone Server

[ssl]
#enable = True
enable = False
##certfile = /etc/keystone/ssl/certs/keystone.pem
##keyfile = /etc/keystone/ssl/private/keystonekey.pem
#certfile = /etc/keystone/ssl/certs/signing_cert.pem
#keyfile = /etc/keystone/ssl/private/signing_key.pem
#ca_certs = /etc/keystone/ssl/certs/ca.pem
#cert_required = False

[signing]
#token_format = UUID
token_format = PKI
certfile = /etc/keystone/ssl/certs/signing_cert.pem
keyfile = /etc/keystone/ssl/private/signing_key.pem
ca_certs = /etc/keystone/ssl/certs/ca.pem
key_size = 1024
valid_days = 3650
ca_password = None

When I perform a REST API call to Keystone from Java to get a token, I was 
expecting to get an encrypted token that further had to be decoded with a 
public key and then base64 decoded. However, the key I get back is only base64 
encoded. Why isn't it encoded with the private key?

Mark

_______________________________________________
Mailing list: https://launchpad.net/~openstack
Post to     : openstack@lists.launchpad.net
Unsubscribe : https://launchpad.net/~openstack
More help   : https://help.launchpad.net/ListHelp

Reply via email to