0

If I want to use a non-self-signed cert in a JWK file, what type of cert should I request from the CA? SSL or Code-signing cert?

rodders

1 Answer

0

An SSL cert will be fine, such as a PKCS#12 file with a P12 extension, and is a mainstream option. Though you only really need the digital signature and non-repudiation characteristics from this table.

It is just a keypair though, so when tokens are verified, signature checks don't chain up to a CA. So it is also valid to create the keypair using a JWT library or a tool like openssl.

Gary Archer
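The answer's point that a JWK is only key material and that token verification never chains up to a CA, shown as an added example that is not part of the original answer. It uses Node.js's built-in `crypto` module; the function names, the `kid` value and the claims are assumptions made for illustration, and only the signature is checked (no `exp`, `iss` or `aud` validation).

```javascript
const crypto = require('node:crypto');

const b64u = (s) => Buffer.from(s).toString('base64url');

// Generate an RSA keypair locally (no CA involved) and expose the public half as a JWK.
function makeSigningKey(kid) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const jwk = { ...publicKey.export({ format: 'jwk' }), kid, use: 'sig', alg: 'RS256' };
  return { privateKey, jwk };
}

// Build a compact JWT signed with RS256 (RSASSA-PKCS1-v1_5 with SHA-256).
function signJwt(claims, privateKey, kid) {
  const header = { alg: 'RS256', typ: 'JWT', kid };
  const signingInput = `${b64u(JSON.stringify(header))}.${b64u(JSON.stringify(claims))}`;
  const sig = crypto.sign('sha256', Buffer.from(signingInput), privateKey);
  return `${signingInput}.${sig.toString('base64url')}`;
}

// Verify against a JWKS: pin the algorithm, pick the key by kid, check the signature.
// Only n and e from the JWK are used; no certificate or chain is consulted.
function verifyJwt(token, jwks) {
  const parts = token.split('.');
  if (parts.length !== 3) return null;
  const [h, p, s] = parts;
  let header;
  try { header = JSON.parse(Buffer.from(h, 'base64url').toString('utf8')); } catch { return null; }
  if (header.alg !== 'RS256') return null; // reject any algorithm other than the expected one
  const jwk = jwks.keys.find((k) => k.kid === header.kid && k.kty === 'RSA');
  if (!jwk) return null;
  const key = crypto.createPublicKey({ key: { kty: jwk.kty, n: jwk.n, e: jwk.e }, format: 'jwk' });
  const ok = crypto.verify('sha256', Buffer.from(`${h}.${p}`), key, Buffer.from(s, 'base64url'));
  return ok ? JSON.parse(Buffer.from(p, 'base64url').toString('utf8')) : null;
}
```

Because trust rests entirely on which keys are in the JWKS, the verifier has to obtain that document from a location it already trusts.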