Seeking command to generate separate signing and encryption keys
Wessel, Keith
kwessel at illinois.edu
Tue May 12 19:47:07 UTC 2020
Cathy,
You can accomplish this by adding the –n argument to the keygen command and running it twice: once to generate the signing key pair and once to generate the encryption key pair:
keygen.bat -h http://client.serviceprovider.com -e https://client.serviceprovider/shibboleth -y 10 -n sp-signing
keygen.bat -h http://client.serviceprovider.com -e https://client.serviceprovider/shibboleth -y 10 -n sp-encrypt
Keith
From: users <users-bounces at shibboleth.net> On Behalf Of Cathy Scott
Sent: Tuesday, May 12, 2020 2:17 PM
To: Shib Users <users at shibboleth.net>
Subject: Seeking command to generate separate signing and encryption keys
Hello all,
I'm testing Shib SP v3.1 in Windows and can't figure out how to generate a separate signing and encryption key.
Previously in v2, I would use this command to generate a single keypair used for signing and encryption:
keygen.bat -h http://client.serviceprovider.com -e https://client.serviceprovider/shibboleth -y 10
Please advise what the new command is to get key="sp-signing-key.pem" certificate="sp-signing-cert.pem"/> and key="sp-encrypt-key.pem" certificate="sp-encrypt-cert.pem".
Thanks,
Cathy
More information about the users
mailing list