How to get the digiRunner public key for JWS? #72
-
Hi, my question is: How does my client application get the public key from digiRunner? I need it to verify the signatures on the responses I receive from the server. Thanks for the help!
Replies: 2 comments
-
Hi @Eddie-Las! We are very glad that you continue to use our digiRunner.
You ask a great question, and this is a crucial step in completing the JWS handshake.
You can retrieve digiRunner's public key directly from a dedicated endpoint. Here’s a breakdown of how to get it and how the key management works:

1. How to Obtain the Public Key
The public key is exposed through the following URL endpoint:
https://localhost:18080/dgrv4/ssotoken/enccert
Important: Remember to replace localhost:18080 with the actual domain/IP address and port of your specific digiRunner deployment.

2. Key Management and Workflow Details
Unified Key Management: digiRunner uses the same key for JWS operations as it does for generating its own JSON Web Tokens (JWTs). This key is automatically generated during the initial installation of the digiRunner system, so no extra steps are needed on your end to create it.
Bidirectional Verification: The JWS workflow involves a bidirectional exchange of public keys for mutual verification:
The client (your application) signs its request with its own private key. digiRunner then uses the client's public key (which you provided) to verify the request's signature.
When digiRunner signs a response, it uses its private key. The client must then use digiRunner's public key (obtained from the URL above) to verify the response's signature.

Hope this helps clarify the process! Let us know if you have any other questions.
-
Thanks a lot for your reply! Sorry for the late response — things have been a bit busy on my side. I gave your method a try and it worked perfectly. Really appreciate you sharing this, I’m sure it’ll help others who run into the same issue too.