I'm attempting to enable credential release using ClearPass configuration as described in the documentation <https://apereo.github.io/cas/5.0.x/integration/ClearPass.html>.
The *Create Keys *section of this page results in the creation of 4 files: - private.key - public.key - private.p8 - x509.pem How is the x509.pem file expected to be used in this process? I suspect that the certificate request is intended to be sent to a CA for signing but once that happens, how would the resulting certificate be used? I was able to configure my application to successfully receive the user credential attribute by providing *public.key* to the CAS server. I'm guessing that this is what is meant by the reference to "classpath:RSA1024Public.key" in the *Register Service *section. I was also able to decrypt the encrypted credential attribute by loading the private.p8 file with an instance of PKCS8EncodedKeySpec to generate the private key from it. With this functioning correctly, I am puzzled by the purpose of the x509.pem file. Is there some way to configure the service to read the public key from a signed unexpired certificate file? -- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/6a6a28be-e932-4518-a94b-eddf786aa9fe%40apereo.org.