Hi Pramod, You can use Signature class to verify signature. Please see below code snippet.
java.security.Signature signature = java.security.Signature.getInstance("SHA1withRSA"); signature.initVerify(publicKey); signature.verify(signature) Thanks Godwin On Thu, Jan 14, 2016 at 2:51 PM, Pramod Thakur <sendpra...@gmail.com> wrote: > Hi Godwin, > > Thanks for the reply, > > Then how can I validate the jwt token that is generated by the wso2 in the > client. > > I need to validate the signature of jwt token generated by Wso2 using the > public key. > > > > > > On Thu, Jan 14, 2016 at 2:39 PM, Godwin Shrimal <god...@wso2.com> wrote: > >> Hi Pramod, >> >> We keep only supper tenant keystore in the physical file system and >> tenant keystores stores in registry. You can get the public certificate for >> the specific tenant using KeyStoreManager class. Please see below code >> snippet. >> >> KeyStoreManager.getInstance(tenantId).getDefaultPublicKey() >> >> >> Thanks >> Godwin >> >> >> On Thu, Jan 14, 2016 at 1:20 PM, Harshan Liyanage <hars...@wso2.com> >> wrote: >> >>> Hi Pramod, >>> >>> We are storing the public certificate file in wso2carbon.jks keystore. >>> You can find it in <PRODUCT_HOME>/repository/resources/security directory. >>> Refer to [1] for obtaining the certificate. For example you can use the >>> following command to get the public certificate. Keystore password will be >>> wso2carbon. >>> >>> keytool -export -keystore wso2carbon.jks -alias wso2carbon -file >>> public_cert.cer >>> >>> [1]. >>> https://docs.oracle.com/javase/tutorial/security/toolsign/step5.html >>> [2]. https://docs.wso2.com/display/Carbon420/Keystores >>> >>> Thanks, >>> >>> Harshan Liyanage >>> Software Engineer >>> Mobile: *+94724423048* >>> Email: hars...@wso2.com >>> Blog : http://harshanliyanage.blogspot.com/ >>> *WSO2, Inc. :** wso2.com <http://wso2.com/>* >>> lean.enterprise.middleware. >>> >>> On Thu, Jan 14, 2016 at 1:02 PM, Pramod Thakur <sendpra...@gmail.com> >>> wrote: >>> >>>> Hi, >>>> >>>> How can I get public key certificate to validate JWT token signature in >>>> wso2 Api Manager for tenant. >>>> >>>> The problem I am facing is,I couldn't get the public certificate in the >>>> physical directory but wso2 is managing to sign the token, I couldn't get >>>> how. >>>> >>>> On Thu, Jan 14, 2016 at 12:57 PM, Pramod Thakur <sendpra...@gmail.com> >>>> wrote: >>>> >>>>> Hi, >>>>> >>>>> How can I get public key certificate to validate JWT token in wso2 Api >>>>> Manager for tenant in the client endpoint. >>>>> >>>>> The problem i am facing is, i couldn't get the public certificate in >>>>> the physical directory but wso2 is managing to sign the token, i couldn't >>>>> get how. >>>>> >>>>> >>>>> -- >>>>> * Regards* >>>>> * Pramod Thakur* >>>>> * 9980422825* >>>>> * Thank you.* >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>> >>>> >>>> -- >>>> * Regards* >>>> * Pramod Thakur* >>>> * 9980422825* >>>> * Thank you.* >>>> >>>> >>>> >>>> >>>> >>>> >>>> _______________________________________________ >>>> Dev mailing list >>>> Dev@wso2.org >>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>> >>>> >>> >>> _______________________________________________ >>> Dev mailing list >>> Dev@wso2.org >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >>> >> >> >> -- >> *Godwin Amila Shrimal* >> Senior Software Engineer >> WSO2 Inc.; http://wso2.com >> lean.enterprise.middleware >> >> mobile: *+94772264165* >> linkedin: *http://lnkd.in/KUum6D <http://lnkd.in/KUum6D>* >> twitter: https://twitter.com/godwinamila >> > > > > -- > * Regards* > * Pramod Thakur* > * 9980422825* > * Thank you.* > > > > > > -- *Godwin Amila Shrimal* Senior Software Engineer WSO2 Inc.; http://wso2.com lean.enterprise.middleware mobile: *+94772264165* linkedin: *http://lnkd.in/KUum6D <http://lnkd.in/KUum6D>* twitter: https://twitter.com/godwinamila
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev