Hi Pramod,
You can use Signature class to verify signature. Please see below code
snippet.
java.security.Signature signature =
java.security.Signature.getInstance("SHA1withRSA");
signature.initVerify(publicKey);
signature.verify(signature)
Thanks
Godwin
On Thu, Jan 14, 2016 at 2:51 PM, Pramod Thakur <sendpra...@gmail.com> wrote:
> Hi Godwin,
>
> Thanks for the reply,
>
> Then how can I validate the jwt token that is generated by the wso2 in the
> client.
>
> I need to validate the signature of jwt token generated by Wso2 using the
> public key.
>
>
>
>
>
> On Thu, Jan 14, 2016 at 2:39 PM, Godwin Shrimal <god...@wso2.com> wrote:
>
>> Hi Pramod,
>>
>> We keep only supper tenant keystore in the physical file system and
>> tenant keystores stores in registry. You can get the public certificate for
>> the specific tenant using KeyStoreManager class. Please see below code
>> snippet.
>>
>> KeyStoreManager.getInstance(tenantId).getDefaultPublicKey()
>>
>>
>> Thanks
>> Godwin
>>
>>
>> On Thu, Jan 14, 2016 at 1:20 PM, Harshan Liyanage <hars...@wso2.com>
>> wrote:
>>
>>> Hi Pramod,
>>>
>>> We are storing the public certificate file in wso2carbon.jks keystore.
>>> You can find it in <PRODUCT_HOME>/repository/resources/security directory.
>>> Refer to [1] for obtaining the certificate. For example you can use the
>>> following command to get the public certificate. Keystore password will be
>>> wso2carbon.
>>>
>>> keytool -export -keystore wso2carbon.jks -alias wso2carbon -file
>>> public_cert.cer
>>>
>>> [1].
>>> https://docs.oracle.com/javase/tutorial/security/toolsign/step5.html
>>> [2]. https://docs.wso2.com/display/Carbon420/Keystores
>>>
>>> Thanks,
>>>
>>> Harshan Liyanage
>>> Software Engineer
>>> Mobile: *+94724423048*
>>> Email: hars...@wso2.com
>>> Blog : http://harshanliyanage.blogspot.com/
>>> *WSO2, Inc. :** wso2.com <http://wso2.com/>*
>>> lean.enterprise.middleware.
>>>
>>> On Thu, Jan 14, 2016 at 1:02 PM, Pramod Thakur <sendpra...@gmail.com>
>>> wrote:
>>>
>>>> Hi,
>>>>
>>>> How can I get public key certificate to validate JWT token signature in
>>>> wso2 Api Manager for tenant.
>>>>
>>>> The problem I am facing is,I couldn't get the public certificate in the
>>>> physical directory but wso2 is managing to sign the token, I couldn't get
>>>> how.
>>>>
>>>> On Thu, Jan 14, 2016 at 12:57 PM, Pramod Thakur <sendpra...@gmail.com>
>>>> wrote:
>>>>
>>>>> Hi,
>>>>>
>>>>> How can I get public key certificate to validate JWT token in wso2 Api
>>>>> Manager for tenant in the client endpoint.
>>>>>
>>>>> The problem i am facing is, i couldn't get the public certificate in
>>>>> the physical directory but wso2 is managing to sign the token, i couldn't
>>>>> get how.
>>>>>
>>>>>
>>>>> --
>>>>> * Regards*
>>>>> * Pramod Thakur*
>>>>> * 9980422825*
>>>>> * Thank you.*
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>> --
>>>> * Regards*
>>>> * Pramod Thakur*
>>>> * 9980422825*
>>>> * Thank you.*
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> Dev mailing list
>>>> Dev@wso2.org
>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>>
>>>>
>>>
>>> _______________________________________________
>>> Dev mailing list
>>> Dev@wso2.org
>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>>
>>
>>
>> --
>> *Godwin Amila Shrimal*
>> Senior Software Engineer
>> WSO2 Inc.; http://wso2.com
>> lean.enterprise.middleware
>>
>> mobile: *+94772264165*
>> linkedin: *http://lnkd.in/KUum6D <http://lnkd.in/KUum6D>*
>> twitter: https://twitter.com/godwinamila
>>
>
>
>
> --
> * Regards*
> * Pramod Thakur*
> * 9980422825*
> * Thank you.*
>
>
>
>
>
>
--
*Godwin Amila Shrimal*
Senior Software Engineer
WSO2 Inc.; http://wso2.com
lean.enterprise.middleware
mobile: *+94772264165*
linkedin: *http://lnkd.in/KUum6D <http://lnkd.in/KUum6D>*
twitter: https://twitter.com/godwinamila
_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
