[keycloak-user] kc2.4 - breaks PK idp brokering to adfs

Hynek Mlnarik hmlnarik at redhat.com
Wed Dec 21 15:58:13 EST 2016


Will be resolved in 2.5.0: https://issues.jboss.org/browse/KEYCLOAK-4057

On Wed, Dec 21, 2016 at 4:51 PM, java_os <java at neposoft.com> wrote:

> I should add: to begin with I've upgraded to 2.4 and imported the realm
> that was working fine on 2.3 - and things started to break - spending time
> to isolate and understand the issue - and my findings are in the prev email.
>
> > Hi,
> > In KC 2.3 I can establish trust with adfs by exporting kc meta and
> > importing into adfs.
> > With KC 2.4 - this breaks - I tried to re-gen the rsa key, export meta,
> > import into adfs - it fails on this adfs error:
> > "ID4037: The key needed to verify the signature could not be resolved from
> > the following security key identifier 'SecurityKeyIdentifier"
> >
> > I'm seeing from UI perspective you've added stuff around PK in 2.4 -
> > but behind the scenes something breaks on the 'key' or something - so,
> > going back to 2.3 - regen a new RSA, exported meta into adfs, works just
> > fine.
> > Please raise a JIRA with the info above.
> > thx
> >



-- 

--Hynek

