Hi Dmitry,
Thanks for your response. I can confirm that this does provides the certs however this
seems to be encrypted.
Do you know how we can recreate this to provide the value that is visible in Keycloak
console? I need to be able to get the decrypted value of the cert so i can pass this over
to another application.
Regards,
Jamie
On Tuesday, 30 October 2018, 03:13:17 GMT, Dmitry Telegin <dt(a)acutus.pro> wrote:
Hello Jamie,
Just FYU, there is also certificate endpoint that does not require authentication:
http://localhost:8080/auth/realms/master/protocol/openid-connect/certs
(replace your server name, port and realm)
Cheers,
Dmitry Telegin
CTO, Acutus s.r.o.
Keycloak Consulting and Training
Pod lipami street 339/52, 130 00 Prague 3, Czech Republic
+42 (022) 888-30-71
E-mail: info(a)acutus.pro
On Mon, 2018-10-29 at 15:34 +0000, Jamie McDowell wrote:
I have managed to obtain just the certificate using the below command
in case anyone needs this in future
/opt/jboss/keycloak/bin/kcadm get keys \--server <url> \--realm master \--user
<user> \--password <password> \-r <realm> | grep
"certificate*"
Regards,
Jamie
On Monday, 29 October 2018, 11:56:25 GMT, Jamie McDowell
<jambo_mcd(a)yahoo.co.uk> wrote:
Hi,
I am trying to find a way to be able to retrieve a realm certificate which can then be
passed to Knox. When a realm is deployed, it generates a new public key, therefore any
Knox Configuration would have to be updated with new corresponding certificates.
Knox is used to decrypt singed JWT's.
Is this something that can be achieved?
I have tried running kcadm to pull the certificate details however i am unable to provide
only the cert details which i would then want to output into another file.
Examples of kcadm
/opt/jboss/keycloak/bin/kcadm get keys \--server <url> \--realm master \--user
<user> \--password <password> \-r <realm>
Regards,
Jamie
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user