keycloak-ui icon indicating copy to clipboard operation
keycloak-ui copied to clipboard
verified publisher icon keycloak

Client key import fails resulting to quay.io/keycloak/keycloak

Open tuxtux59 opened this issue 3 years ago • 4 comments

Describe the bug

Importing Key to SAML Client show success in view but Certificate value not updated.

We tested both JKS and PKCS file variant with alias and password resulting with success message but nothing change.

In Client settings here are activated fields

  • sign documents
  • sign assertions
  • front channel logout

The purpose of adding certificate is to allow SLO process and secure challenges

Since Key is activated and imported, no more Challenge can start ("Invalid requester" is thrown)

The AuthnRequest contains the X509 certificate in challenge request

Version

Docker quay.io/keycloak/keycloak v19.0.2

Expected behavior

  • While uploading PKCS12 or JKS , Certifcate should be updated
  • Request with right uploaded certificated should not be invalid

Actual behavior

No response

How to Reproduce?

No response

Anything else?

No response

tuxtux59 avatar Oct 12 '22 17:10 tuxtux59

I presume this you are using the admin console when importing the keys?

Can you try the latest nightly release? I'm pretty sure this one is already fixed there.

stianst avatar Oct 12 '22 18:10 stianst

Thnaks for the tip @stianst , Currently trying to test it, will get back with a precise answer if this change results with a success

tuxtux59 avatar Oct 13 '22 11:10 tuxtux59

@tuxtux59 Any luck?

ssilvert avatar Oct 18 '22 00:10 ssilvert

Hi @ssilvert , thanks to @stianst We achieved to upload the PKCS12 certificate in Keys tab but we also needed to Reload app to see the key update in the textarea. You can pass this issue as closed or validated ;) thanks !

tuxtux59 avatar Oct 18 '22 18:10 tuxtux59