[
https://issues.apache.org/jira/browse/KNOX-2146?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Larry McCay updated KNOX-2146:
------------------------------
Component/s: (was: KnoxSSO)
Site
> Knox JWT token signature verification using public key
> ------------------------------------------------------
>
> Key: KNOX-2146
> URL: https://issues.apache.org/jira/browse/KNOX-2146
> Project: Apache Knox
> Issue Type: Bug
> Components: Site
> Affects Versions: 1.0.0
> Environment: Ubuntu 18.04, HDP 3.1
> Reporter: Matei C.
> Priority: Minor
>
> Hello,
> I have configured an Apache Knox (1.0.0) topology to accept 3rd party JWTs
> by following this [Cloudera
> guide|[https://community.cloudera.com/t5/Community-Articles/Knox-Accept-third-party-JWT/ta-p/248488]].
>
> I would also like to verify the 3rd party JWts based on their signature by
> adding my IdP's public key in PEM format for the JWT provider, but in the
> guide it is specified that only PEM certificates are accepted (' [...] *In
> current Knox version, public key is not supported, have to configure public
> certificate [...]*') and I have not found any relevant documentation from
> Knox on this subject.
>
> Can you please tell me if there is any solution to use public keys for JWT
> verification in Knox 1.0.0 ? If not, are there any plans to support this in
> future Knox releases ?
> P.S.:
> When adding the 'knox.token.verification.pem' parameter with the public key
> in the JWT provider of my topology I noticed the below error in my
> gateway.log, which does seem to confirm the public key limitation.
>
> {code:java}
> javax.servlet.ServletException: javax.servlet.ServletException:
> CertificateException - PEM may be corrupt
> {code}
>
> Regards,
>
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
