This is not an issue anymore with the latest code base, and the patch
intends to fix that has been abandoned, so mark it as won't fix.

** Changed in: keystone
       Status: In Progress => Won't Fix

You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).

  default setting of certificate for SAML signing doesn't work

Status in OpenStack Identity (keystone):
  Won't Fix

Bug description:
  Currently, the default setting is
  '/etc/keystone/ssl/certs/signing_cert.pem' which is the public key
  certificate which contains,

  - Signature Algorithm
  - Public Key
  - Signature Algorithm
  - Subject


  But sigver.read_cert_from_file expects the certificate's content
  holds plain certificate information, which means it 's start from
  -----BEGIN PUBLIC KEY-----

  and end with

  -----END PUBLIC KEY-----

  So, the default setting will not work for SAML signing.

To manage notifications about this bug go to:

Mailing list:
Post to     :
Unsubscribe :
More help   :

Reply via email to