OpenID RSA key

By default Defguard uses HMAC algorithm for OIDC token validation and the . If you want to use RSA, you'll have to configure the defguard core DEFGUARD_OPENID_KEY dconfiguration variable with the path to the RSA private key.

You can generate the RSA key with:

openssl genpkey -out /path/to/rsakey.pem -algorithm RSA -pkeyopt rsa_keygen_bits:4096

PreviousSecuring gRPC communication NextConfiguration

Last updated 3 days ago