I'm attempting to enable credential release using ClearPass configuration as described in the documentation <https://apereo.github.io/cas/5.0.x/integration/ClearPass.html>.
The *Create Keys *section of this page results in the creation of 4 files: - private.key - public.key - private.p8 - x509.pem How is the x509.pem file expected to be used in this process? I suspect that the certificate request is intended to be sent to a CA for signing but once that happens, how would the resulting certificate be used? I was able to configure my application to successfully receive the user credential attribute by providing *public.key* to the CAS server. I'm guessing that this is what is meant by the reference to "classpath:RSA1024Public.key" in the *Register Service *section. I was also able to decrypt the encrypted credential attribute by loading the private.p8 file with an instance of PKCS8EncodedKeySpec to generate the private key from it. With this functioning correctly, I am puzzled by the purpose of the x509.pem file. Is there some way to configure the service to read the public key from a signed unexpired certificate file? -- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/6a6a28be-e932-4518-a94b-eddf786aa9fe%40apereo.org.
