There's a big message displayed in the log that mentions how to create your
key:
WARNING: Couldn't load OAuth signing key. To create a key, run:
openssl req -newkey rsa:1024 -days 365 -nodes -x509 -keyout testkey.pem \
-out testkey.pem -subj '/CN=mytestkey'
openssl pkcs8 -in testkey.pem -out oauthkey.pem -topk8 -nocrypt -outform
PEM
Then edit gadgets.properties and add these lines:
shindig.signing.key-file=<path-to-oauthkey.pem>
shindig.signing.key-name=mykey
On Wed, Jun 16, 2010 at 10:19 PM, Randy Watler <[email protected]> wrote:
> Shindig Dev Team:
>
> I have a quick question concerning the hosting of OAuth gadgets in Shindig.
> I understand that Shindig supports the collection and storage for OAuth
> Consumer Keys and Secrets for HMAC-SHA1 signing requests from the consumer
> to the service provider.
>
> I am wondering if it also supports use of Consumer Public/Private Keys
> using RSA-SHA1 for consumer/service signing?
>
> If so, is there a way to instruct Shindig to use a Consumer Public/Private
> Key associated with the container when the gadget itself has not registered
> one with Shindig? From what I gather, this is what iGoogle does to
> streamline OAuth gadget registration within iGoogle.
>
> Of course, please let me know if I am lost in the weeds! Thanks in advance,
>
> Randy
>
