Hello Jamie,
Just FYU, there is also certificate endpoint that does not require authentication:
http://localhost:8080/auth/realms/master/protocol/openid-connect/certs
(replace your server name, port and realm)
Cheers,
Dmitry Telegin
CTO, Acutus s.r.o.
Keycloak Consulting and Training
Pod lipami street 339/52, 130 00 Prague 3, Czech Republic
+42 (022) 888-30-71
E-mail: info(a)acutus.pro
On Mon, 2018-10-29 at 15:34 +0000, Jamie McDowell wrote:
I have managed to obtain just the certificate using the below command
in case anyone needs this in future
/opt/jboss/keycloak/bin/kcadm get keys \--server <url> \--realm master \--user
<user> \--password <password> \-r <realm> | grep
"certificate*"
Regards,
Jamie
On Monday, 29 October 2018, 11:56:25 GMT, Jamie McDowell
<jambo_mcd(a)yahoo.co.uk> wrote:
Hi,
I am trying to find a way to be able to retrieve a realm certificate which can then be
passed to Knox. When a realm is deployed, it generates a new public key, therefore any
Knox Configuration would have to be updated with new corresponding certificates.
Knox is used to decrypt singed JWT's.
Is this something that can be achieved?
I have tried running kcadm to pull the certificate details however i am unable to provide
only the cert details which i would then want to output into another file.
Examples of kcadm
/opt/jboss/keycloak/bin/kcadm get keys \--server <url> \--realm master \--user
<user> \--password <password> \-r <realm>
Regards,
Jamie
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user