Detailed explanation of IdentityServer4 SigningCredential (RSA certificate encryption) example-C#.Net Tutorial-php.cn

Home

Backend Development

C#.Net Tutorial

Detailed explanation of IdentityServer4 SigningCredential (RSA certificate encryption) example

零下一度

May 22, 2018 pm 04:08 PM

encryption Certificate

IdentityServer4 provides two certificate encryption configurations by default:

services.AddIdentityServer()
    .AddDeveloperSigningCredential()
    .AddTemporarySigningCredential();

Copy after login

These two certificate encryption methods are temporarily used every time the project is restarted. , will regenerate a new certificate, which will cause a problem. The access_token generated before restarting will no longer be applicable after the restart, because the certificate has changed and the corresponding encryption method has also changed. , so the following problem will occur:

Detailed explanation of IdentityServer4 SigningCredential (RSA certificate encryption) example

##Error message:

Www-Authenticate:Bearer error="invalid_token", error_description="The signature key was not found"

The solution is to always use one certificate. Let's configure it like this first:

services.AddIdentityServer()
    .AddDeveloperSigningCredential();

Copy after login

You can check it out

AddDeveloperSigningCredentialImplement the source code and start the project. IdentityServer4 will generate a tempkey.rsacertificate file in the project directory:

{
    "KeyId": "4e1765de45ef639261115198826dfea7",
    "Parameters": {
        "D": "FnB7kIinBgoZDaRqIrRQHEF45FBF9amOrTn8oFdmsxPqJbh11bHeCw11AtCCC4p1mm750onDXeP+yoBHymr/wNn40VmGdhR4hnObHhhw5pyQKECIS41DFDatCZif9uhDgHsOvYHMRVNSapDFoDUvbTE6t7rv4prn2fDt5mzRD9AqdT2HyTcwa/H1haaZNwmy3UevYYy8ya4kKXvjRo6+O7BMBh+yBvHgezQ57Ye/NfZfDMITs4djbqELrYVXCTMltNsWWhQtS62cqvKboxoiXfSm67u/li5Fdusc5Z2zsyt5rE/V8h/ffBvS9N9v0VoDTdFqLYkuul0DvTZ/pqXtMQ==",
        "DP": "XQDf46csbwu/xX+jwo5VQQ8sKVlVBLuxSNTAbNS6O/aCg9eEjZ58EJ712JgqqORcDMg5JRejN3Zxxoij4roJogyvvw6QSws/H+UTmtuuudgT59OB1TyNGihMVSTLXaw4Kgdj8D8IK8v0okdFEpYugzIIFe1yl0lSzR7fkF+NKC0=",
        "DQ": "4TvT9ujJ38sTluz0dUSIUD3NCWJOMDKOB/cL3RaDyMf/MTSxNFfWDuuW55F2P8mncHhqLuANcg2l3h8xom+1ucn+ve45JNoWja4fpWQ16rmijPc5yKRe0uAGEaXJiTAEvIxXG18zvNA8Fab+L2X1h+1r35ZLZFYj+EyhkqQ7u5k=",
        "Exponent": "AQAB",
        "InverseQ": "nTAEt8v+DlAn6h7Z1Ey1x4Z56OfOmCvY01nte4f3OuSmBXoEaTSoGsXScweAMoSGb0aOG1qpvErtY+JykREeLJxvm4P3DAHL5lJWvDKPvCWJOD9jfzhBUyIhCoqQ8EIHjFxBNKyNefAsVuKdH6R+ApuhpF8XVhR59zLawUQWLEg=",
        "Modulus": "43j4tvNZy7IxuiDwZzWv9KiS5kSYIeBqEvQ7zkQmRT3IEsseiTv698iQx8qn+de8FeGFEa8O6igFU2VXqFyWJilTuPmeBPJxIMCqfxdxF+96giVSpN4rOFaH/V+IPNTQoYCLFwcUR2saFywUeKWpsRFhQCymsFIk3AlWu7jcqgKHrELsJpn5KVmedb6JZcVKMIfTrcY6hWQz2JNEhTOEI10ZVZ7ueEp2Q2+1/udvp47wPMhzriXJTFP7Y4ozU2THbuwIqCXM5DNBGUpEug0vlCAhwn6nvAo8e9fT0lpUzTd2T8wWzwuHkAgyjB0XTzSYR1fMJIKH1zDs25RqmlepgQ==",
        "P": "9lGtQw9yXz4nbepESFDxAMfDlmiI9Gj3Q3FecKIgGVVi9WVr19lzBcszhsVybA8n1OyPXHdOyuSWOiVp69ibo5OOXLL4iWzY1VOouXeZrYimxNPvVKlRf8AsVcv3n/0/FEhwY9gnQm4PZYUGwQ96WZ5Z/CWJ9xTORg54Wh79hk0=",
        "Q": "7Gmr/h33bM+9W4Ygh+tNh3/etECuT/RQ1LMS5uBXxXdvUl6wSm2+ec/CBRobxVHG2pDXdr0pegn0Yz4MprsLtS5KvFg6yopI3Y3TptTGNZPtbd1O7P4i6b+RNOYCq0Y99mkGofqAlAMnDG+SA2EJN2ugPjLelC7GWtfzNG5NMgU="
    }
}

Copy after login

AddDeveloperSigningCredentialThe code in it will be executed first. Determine whether the tempkey.rsa certificate file exists. If it does not exist, create a new tempkey.rsa certificate file. If it exists, use this certificate file.

So, when we configure, just pass a

tempkey.rsa certificate file name:

services.AddIdentityServer()
    .AddDeveloperSigningCredential("tempkey.rsa");

Copy after login

Of course, you can also rename the

tempkey.rsa certificate file.

Reference:

The signature key was not found
IdentityServer4 Configuring services
IdentityServer4 Cryptography, Keys and HTTPS
ASP.NET Core implements the ResourceOwnerPassword and ClientCredentials modes of OAuth2.0
IdentityServerBuilderExtensionsCrypto.cs

The above is the detailed content of Detailed explanation of IdentityServer4 SigningCredential (RSA certificate encryption) example. For more information, please follow other related articles on the PHP Chinese website!

Statement of this Website

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Hot AI Tools

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress images for free

Clothoff.io

AI clothes remover

AI Hentai Generator

Generate AI Hentai for free.

Hot Article

R.E.P.O. Energy Crystals Explained and What They Do (Yellow Crystal)

3 weeks ago By 尊渡假赌尊渡假赌尊渡假赌

R.E.P.O. Best Graphic Settings

3 weeks ago By 尊渡假赌尊渡假赌尊渡假赌

Assassin's Creed Shadows: Seashell Riddle Solution

2 weeks ago By DDD

R.E.P.O. How to Fix Audio if You Can't Hear Anyone

3 weeks ago By 尊渡假赌尊渡假赌尊渡假赌

WWE 2K25: How To Unlock Everything In MyRise

4 weeks ago By 尊渡假赌尊渡假赌尊渡假赌

Hot Tools

Notepad++7.3.1

Easy-to-use and free code editor

SublimeText3 Chinese version

Chinese version, very easy to use

Zend Studio 13.0.1

Powerful PHP integrated development environment

Dreamweaver CS6

Visual web development tools

SublimeText3 Mac version

God-level code editing software (SublimeText3)

Hot Topics

Where is the login entrance for gmail email?

7495

CakePHP Tutorial

1377

What is the format of the account name of steam

win11 activation key permanent

nyt connections hints and answers

Related knowledge

Enable 256-bit Bitlocker encryption on Windows 11 for increased security Nov 26, 2023 am 11:21 AM

Bitlocker is the default encryption technology for Windows operating systems. It is widely used on Windows, but some users prefer third-party solutions such as VeraCrypt. What many users of Bitlocker don't know is that it defaults to 128-bit encryption, even though 256-bit is available. Without going into too much detail about the differences; the core difference between AES 128-bit and 256-bit encryption is the length of the security key. Longer keys make brute force attacks more difficult. While the default is 128-bit, even Microsoft recommends 256-bit for better security. The problem is, most users probably don't know about the weaker defaults or how to change them. First, you might want to know W

Win11 encrypted dns detailed tutorial Dec 25, 2023 am 10:13 AM

Microsoft previously provided dns encryption services for win11, but many users do not know how to use win11 encrypted dns. In fact, we only need to open the dns settings under network settings. Detailed tutorial on win11 encrypted dns: 1. First enter the disk and find the folder you want to encrypt. 2. Then open "Ethernet" on the right 3. Then find the DNS server allocation below and click "Edit" 4. After changing "Auto (DHCP)" to "Manual", open "IPv4" below 5. After turning it on, enter "8.8.8.8" in the preferred DNS 6. Then change the preferred DNS encryption to "Encryption only (DNS over HTTPS)" 7. After the changes are completed, click "Save" and you will find

Does Win10 Home Edition support folder encryption? Jan 09, 2024 am 08:58 AM

File encryption aims to implement professional-level encryption of data to more effectively ensure data security! Only by mastering the correct encryption key can the decryption operation be performed, ensuring the security of information assets. However, the file encryption function of Win10 Home Edition does not yet have this feature. Can Win10 Home Edition encrypt folders? Answer: Win10 Home Edition cannot encrypt folders. Tutorial on encrypting files in Windows system 1. Right-click on the file or folder you want to encrypt (or press and hold for a while), and then select the "Properties" function. 2. In the new expanded interface, look for the "Advanced" option. After clicking to enter, remember to check the "Encrypt content to protect data" option located below. 3. After the setting is completed, click "OK" to

How to set up encryption of photo album on Apple mobile phone Mar 02, 2024 pm 05:31 PM

In Apple mobile phones, users can encrypt photo albums according to their own needs. Some users don't know how to set it up. You can add the pictures that need to be encrypted to the memo, and then lock the memo. Next, the editor will introduce the method of setting up the encryption of mobile photo albums for users. Interested users, come and take a look! Apple mobile phone tutorial How to set up iPhone photo album encryption A: After adding the pictures that need to be encrypted to the memo, go to lock the memo for detailed introduction: 1. Enter the photo album, select the picture that needs to be encrypted, and then click [Add to] below. 2. Select [Add to Notes]. 3. Enter the memo, find the memo you just created, enter it, and click the [Send] icon in the upper right corner. 4. Click [Lock Device] below

How to set a password for folder encryption without compression Feb 20, 2024 pm 03:27 PM

Folder encryption is a common data protection method that encrypts the contents of a folder so that only those who have the decryption password can access the files. When encrypting a folder, there are some common ways to set a password without compressing the file. First, we can use the encryption function that comes with the operating system to set a folder password. For Windows users, you can set it up by following the following steps: Select the folder to be encrypted, right-click the folder, and select "Properties"

Common network communication and security problems and solutions in C# Oct 09, 2023 pm 09:21 PM

Common network communication and security problems and solutions in C# In today's Internet era, network communication has become an indispensable part of software development. In C#, we usually encounter some network communication problems, such as data transmission security, network connection stability, etc. This article will discuss in detail common network communication and security issues in C# and provide corresponding solutions and code examples. 1. Network communication problems Network connection interruption: During the network communication process, the network connection may be interrupted, which may cause

Complete guide to win11 file encryption Jan 09, 2024 pm 02:50 PM

Some friends want to protect their files, but don’t know how to encrypt win11 documents. In fact, we can directly use folder encryption or use third-party software to encrypt files. Detailed tutorial on win11 document encryption: 1. First find the file you want to encrypt, right-click to select it, and open "Properties" 2. Then click "Advanced" in the properties column 3. Select "Encrypt content to protect data" in Advanced and click " OK" 4. Then click "OK" to save. 5. Finally, select the desired encryption mode and "OK" to save the document to encrypt the document.

How to encrypt the compressed package in winrar-winrar encrypted compressed package method Mar 23, 2024 pm 12:10 PM

The editor will introduce to you three methods of encryption and compression: Method 1: Encryption The simplest encryption method is to enter the password you want to set when encrypting the file, and the encryption and compression are completed. Method 2: Automatic encryption Ordinary encryption method requires us to enter a password when encrypting each file. If you want to encrypt a large number of compressed packages and the passwords are the same, then we can set automatic encryption in WinRAR, and then just When compressing files normally, WinRAR will add a password to each compressed package. The method is as follows: Open WinRAR, click Options-Settings in the setting interface, switch to [Compression], click Create Default Configuration-Set Password Enter the password we want to set here, click OK to complete the setting, we only need to correct

See all articles