This is not an issue anymore with the latest code base, and the patch
intends to fix that has been abandoned, so mark it as won't fix.
** Changed in: keystone
Status: In Progress => Won't Fix
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1507456
Title:
default setting of certificate for SAML signing doesn't work
Status in OpenStack Identity (keystone):
Won't Fix
Bug description:
Currently, the default setting is
'/etc/keystone/ssl/certs/signing_cert.pem' which is the public key
certificate which contains,
- Signature Algorithm
- Public Key
- Signature Algorithm
- Subject
etc.
But sigver.read_cert_from_file expects the certificate's content
holds plain certificate information, which means it 's start from
-----BEGIN CERTIFICATE-----
or
-----BEGIN PUBLIC KEY-----
and end with
-----END CERTIFICATE-----
or
-----END PUBLIC KEY-----
So, the default setting will not work for SAML signing.
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1507456/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : yahoo-eng-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
