[keycloak-dev] Keycloak realm specific Certificate Management System
Bill Burke
bburke at redhat.com
Tue Feb 17 09:58:50 EST 2015
I think that many companies will want to manage keypairs/certificates
themselves. I'm thinking that we'll want to have an option for users to
set up client-certs themselves. For example, think of OTP. We have a
switch that requires the user to set up OTP when then log in. We could
provide the same for client certs where the user uploads their
certificate the first time they log in.
On 2/17/2015 4:12 AM, Giriraj Sharma wrote:
> Hi,
>
> To support *first/initial cut of certificate management *for realm
> users, we can have keys and X509 Certificate generation for each
> individual user at the time of its creation. This will imply for realm
> admin too.
>
> While viewing an individual user for any specific realm in
> administrative console, we can have Keys View in addition to Attributes,
> Credentials, Role Mappings and Sessions. Keys View (UI) will let user
> retrieve, validate, revoke, renew(revoke+generate) and delete(optional)
> his keys/Certificates.
>
> If it makes sense, I shall start working around it.
>
> --
> Giriraj Sharma,
> Department of Computer Science
> National Institute of Technology Hamirpur
> Himachal Pradesh, India
>
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the keycloak-dev
mailing list