OpenID RSA key

By default Defguard uses HMAC algorithm for OIDC token validation and the . If you want to use RSA, you'll have to configure the defguard core DEFGUARD_OPENID_KEY dconfiguration variable with the path to the RSA private key.

You can generate the RSA key with:

openssl genpkey -out /path/to/rsakey.pem -algorithm RSA -pkeyopt rsa_keygen_bits:4096
PreviousSecuring gRPC communicationNextHealth check

Last updated

Was this helpful?