[keycloak-user] Add x5c to be generated as part of the JWK
Work Account
toyaserwork at gmail.com
Tue Oct 23 13:12:23 EDT 2018
Hi,
In an effort to use keycloak as an IDP with Azure for multi factor
authentication, Azure expects the x5c property to be available in the JWK
when querying the jwks_uri.
The change would simply include the x5c property as part of the returned
JWK as described here (https://tools.ietf.org/html/rfc7517#section-4.7).
In short, the x5c property contains the certificate chain.
The change would involve updating
core\src\main\java\org\keycloak\jose\jwk\JWKBuilder.java to generate the
certificate chain from the RsaKeyMetadata certificate.
Thanks
More information about the keycloak-user
mailing list