generating sealer keystore by hand
skoranda at gmail.com
Thu May 7 14:42:19 EDT 2015
> Is there a reason not to just call the seckeygen script/utility to do that same thing? That's not Ant, it's just a Java class. The idea was that using that API would be more insulating and let us make adjustments that wouldn't break anybody.
Only a desire to do the initial creation of key material, including
all the X.509 certificates and keys, on a different box where the IdP
is not deployed and then (securely) transfer the key material to the
This is a specific and limited use case--not anything for which I am
asking for support.
More information about the users