what is the trust store used for in the TOTP plugin?

王博 wb626 at pku.edu.cn
Tue Jun 27 09:25:51 UTC 2023

Dear Shibboleth Team

I'm going through the TOTP plugin at https://shibboleth.atlassian.net/wiki/spaces/IDPPLUGINS/pages/1376878877/TOTP. 

Thanks for this excellent tool, now I'am able to successfully configure it and read the seeds from a database, looks everything is fine so far. However I doubt what the trust store is actually used for during the installation process? I see a folder credentials\net.shibboleth.idp.plugin.authn.totp is crested and an aes file and an empty backup file in this folder after installation.

Plugin net.shibboleth.idp.plugin.authn.totp: Trust store folder does not exist, creating
Plugin net.shibboleth.idp.plugin.authn.totp: Trust store does not exist, creating
TrustStore does not contain signature 0x378B845402277962
Accept this key:
Signature:      0x378B845402277962
FingerPrint:    DCAA15007BED9DE690CD9523378B845402277962
Username:       Scott Cantor <cantor.2 at osu.edu>
 [yN] y
Installing Plugin net.shibboleth.idp.plugin.authn.totp version 1.0.2

Any One has any idea on this? Thanks in advance!

Wang Bo

Peking University CARSI Team 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20230627/c9855445/attachment.htm>

More information about the users mailing list