So if the certificate's content is like this,
-----BEGIN CERTIFICATE----- *MIICNTCCAZ6gAwIBAgIES343gjANBgkqhkiG9w0BAQUFADBVMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExFjAUBgNVBAcMDU1vdW50YWluIFZpZXcxDTALBgNVBAoMBFdTTzIxEjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0xMDAyMTkwNzAyMjZaFw0zNTAyMTMwNzAyMjZaMFUxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTEWMBQGA1UEBwwNTW91bnRhaW4gVmlldzENMAsGA1UECgwEV1NPMjESMBAGA1UEAwwJbG9jYWxob3N0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCUp/oV1vWc8/TkQSiAvTousMzOM4asB2iltr2QKozni5aVFu818MpOLZIr8LMnTzWllJvvaA5RAAdpbECb+48FjbBe0hseUdN5HpwvnH/DW8ZccGvk53I6Orq7hLCv1ZHtuOCokghz/ATrhyPq+QktMfXnRS4HrKGJTzxaCcU7OQIDAQABoxIwEDAOBgNVHQ8BAf8EBAMCBPAwDQYJKoZIhvcNAQEFBQADgYEAW5wPR7cr1LAdq+IrR44iQlRG5ITCZXY9hI0PygLP2rHANh+PYfTmxbuOnykNGyhM6FjFLbW2uZHQTY1jMrPprjOrmyK5sjJRO4d1DeGHT/YnIjs9JogRKv4XHECwLtIVdAbIdWHEtVZJyMSktcyysFcvuhPQK8Qc/E/Wq8uHSCo=* -----END CERTIFICATE----- If you add the value in <Certificate> tags like below in the XML file of the IDP's configuration, <Certificate> *MIICNTCCAZ6gAwIBAgIES343gjANBgkqhkiG9w0BAQUFADBVMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExFjAUBgNVBAcMDU1vdW50YWluIFZpZXcxDTALBgNVBAoMBFdTTzIxEjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0xMDAyMTkwNzAyMjZaFw0zNTAyMTMwNzAyMjZaMFUxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTEWMBQGA1UEBwwNTW91bnRhaW4gVmlldzENMAsGA1UECgwEV1NPMjESMBAGA1UEAwwJbG9jYWxob3N0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCUp/oV1vWc8/TkQSiAvTousMzOM4asB2iltr2QKozni5aVFu818MpOLZIr8LMnTzWllJvvaA5RAAdpbECb+48FjbBe0hseUdN5HpwvnH/DW8ZccGvk53I6Orq7hLCv1ZHtuOCokghz/ATrhyPq+QktMfXnRS4HrKGJTzxaCcU7OQIDAQABoxIwEDAOBgNVHQ8BAf8EBAMCBPAwDQYJKoZIhvcNAQEFBQADgYEAW5wPR7cr1LAdq+IrR44iQlRG5ITCZXY9hI0PygLP2rHANh+PYfTmxbuOnykNGyhM6FjFLbW2uZHQTY1jMrPprjOrmyK5sjJRO4d1DeGHT/YnIjs9JogRKv4XHECwLtIVdAbIdWHEtVZJyMSktcyysFcvuhPQK8Qc/E/Wq8uHSCo=* </Certificate> doesn't it work ? On Fri, Jul 29, 2016 at 1:53 PM, Gayan Yalpathwala <[email protected]> wrote: > Thank you for the reply Tharindu. This helps but not exactly what I wanted > to know. > > I am trying to add an external IdP to IS, for which I have written an XML > based IdP configuration that goes under > repository/conf/identity/identity-providers. I already have the public cert > from the external IdP and I am worried about how to include that in the > aforesaid XML config. There is a tag named <Certificate> in a sample IdP > config, but adding the certificate directly there or adding the encoded > value hasn't worked for me so far. Do we have a sample XML config that can > help here? > > Thanks, > > On Thu, Jul 28, 2016 at 5:37 PM, Tharindu Edirisinghe <[email protected]> > wrote: > >> Hi Gayan, >> >> Here's a sample command if the IDP is WSO2 Identity Server where you can >> export the public certificate in PEM format. >> >> >> >> *keytool -exportcert -alias wso2carbon -keypass wso2carbon -keystore >> wso2carbon.jks -storepass wso2carbon -rfc -file ispublic_crt.pem* >> Then, the certificate file, you can open with a notepad so you see the >> certificate value. Sample is below. >> >> -----BEGIN CERTIFICATE----- >> >> >> >> >> >> >> >> >> >> >> *MIICNTCCAZ6gAwIBAgIES343gjANBgkqhkiG9w0BAQUFADBVMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExFjAUBgNVBAcMDU1vdW50YWluIFZpZXcxDTALBgNVBAoMBFdTTzIxEjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0xMDAyMTkwNzAyMjZaFw0zNTAyMTMwNzAyMjZaMFUxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTEWMBQGA1UEBwwNTW91bnRhaW4gVmlldzENMAsGA1UECgwEV1NPMjESMBAGA1UEAwwJbG9jYWxob3N0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCUp/oV1vWc8/TkQSiAvTousMzOM4asB2iltr2QKozni5aVFu818MpOLZIr8LMnTzWllJvvaA5RAAdpbECb+48FjbBe0hseUdN5HpwvnH/DW8ZccGvk53I6Orq7hLCv1ZHtuOCokghz/ATrhyPq+QktMfXnRS4HrKGJTzxaCcU7OQIDAQABoxIwEDAOBgNVHQ8BAf8EBAMCBPAwDQYJKoZIhvcNAQEFBQADgYEAW5wPR7cr1LAdq+IrR44iQlRG5ITCZXY9hI0PygLP2rHANh+PYfTmxbuOnykNGyhM6FjFLbW2uZHQTY1jMrPprjOrmyK5sjJRO4d1DeGHT/YnIjs9JogRKv4XHECwLtIVdAbIdWHEtVZJyMSktcyysFcvuhPQK8Qc/E/Wq8uHSCo=* >> -----END CERTIFICATE----- >> >> You can copy this certificate value (highlight above) and put in the file. >> >> Note that above is only if the IDP is WSO2 IS. If the IDP is a third >> party IDP, then you can get the certificate in PEM format and read the >> value. >> >> Regards, >> TharinduE >> >> On Thu, Jul 28, 2016 at 7:22 PM, Gayan Yalpathwala <[email protected]> >> wrote: >> >>> Hi devs, >>> >>> I have a file based IdP configuration in which I need to add the public >>> certificate of the IdP. I have tried by adding the certificate content as >>> it is, under the <Certificate> tag, and also tried with the base64 encoded >>> version of the same, with no luck. What is the correct way to add this >>> configuration? >>> >>> Thanks, >>> >>> -- >>> *Gayan Kaushalya Yalpathwala* >>> Software Engineer >>> WSO2 Inc.; http://wso2.com >>> lean.enterprise.middleware >>> >>> LK: +94 71 868 2704 >>> UK: +44 747 844 3609 >>> >>> <http://asia14.wso2con.com/> >>> >>> _______________________________________________ >>> Dev mailing list >>> [email protected] >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >>> >> >> >> -- >> >> Tharindu Edirisinghe >> Senior Software Engineer | WSO2 Inc >> Platform Security Team >> Blog : tharindue.blogspot.com >> mobile : +94 775181586 >> > > > > -- > *Gayan Kaushalya Yalpathwala* > Software Engineer > WSO2 Inc.; http://wso2.com > lean.enterprise.middleware > > LK: +94 71 868 2704 > UK: +44 747 844 3609 > > <http://asia14.wso2con.com/> > -- Tharindu Edirisinghe Senior Software Engineer | WSO2 Inc Platform Security Team Blog : tharindue.blogspot.com mobile : +94 775181586
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
