How to create or generate JWKS key (use for encryption - enc) in identityserver4

Question

I want to implement jwks key with Identityserver4 for jwks endpoint, I've already checked alot of articles but no one can solve my requirement Here's is my requirement.

RSA encryption key with a 3072-bit key

{
"kty": "RSA",
"use": "enc",
"kid": "enc-2021-01-15T12:09:06Z",
"e": "xxxxx",
"n": "xxxxx",
"alg": "RSA-OAEP-256"
}

score 0 · Answer 1 · answered Feb 11 '21 at 10:33

0

I typically use OpenSSL to generate the keys and I use the script below to generate a private key and then together with a self signed certificate, place it in a PKCS12 file (.pfx).

Then import the .pfx file in .NET and use the Identityserver AddSigningCredential method to add it to the JWKS endpoint.

For example this code loads a cert into .NET Core:

    private static SecurityKey LoadRsaKey()
    {
        var rsaCert = new X509Certificate2("rs256.pfx", "edument");
        SecurityKey rsaPrivateKey = new RsaSecurityKey(rsaCert.GetRSAPrivateKey());
        return rsaPrivateKey;
    }

answered Feb 11 '21 at 10:33

Tore Nestenius

16,431
5
30
40

Thanks you for sharing, but still doesn't solve my issue – DDNL Aug 20 '21 at 04:14
What is the specific problem? Generating the key or adding it to IdentityServer? – Tore Nestenius Aug 20 '21 at 06:31

How to create or generate JWKS key (use for encryption - enc) in identityserver4

1 Answers1