How is the x509.pem file expected to be used in this process?
It’s not. It likely should be removed from the docs. I suspect that the certificate request is intended to be sent to a CA for signing but once that happens, how would the resulting certificate be used? It’s not. You only care about the key duo. I was able to configure my application to successfully receive the user credential attribute by providing public.key to the CAS server. I'm guessing that this is what is meant by the reference to "classpath:RSA1024Public.key" in the Register Service section. I was also able to decrypt the encrypted credential attribute by loading the private.p8 file with an instance of PKCS8EncodedKeySpec to generate the private key from it. With this functioning correctly, I am puzzled by the purpose of the x509.pem file. Is there some way to configure the service to read the public key from a signed unexpired certificate file? No. Ignore, and if you prefer submit a PR that removes that step from the docs. This probably is leftover from somewhere else when it was copied. -- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/00d101d24caa%24343f9860%249cbec920%24%40unicon.net.
