堆栈内存溢出
  简体   繁体   English

我可以在SAML2中为令牌安全性和协议安全性使用相同的证书吗?

[英]Can I Use the same certificate for Token Security and Protocol Security in SAML2?

 原文  2015-04-29 13:26:35       java/ coldfusion/ coldfusion-11/ saml-2.0

问题描述

Can I use the same certificate issued by a certificate authority to sign the security token of SAML assertion and also for HTTPS SSL on IIS ? 我可以使用由证书颁发机构颁发的同一证书来签署SAML声明的安全令牌,也可以对IIS上的HTTPS SSL签名吗?

I am using ColdFusion to create the SAML Response and used Java Keytool to create the certifcate. 我正在使用ColdFusion创建SAML响应,并使用Java Keytool创建了证书。

1 个解决方案

解决方案1
 0 已采纳  2015-04-30 10:20:31

Can you? 你是否可以? Yes. 是。 Should you? 应该 No. It's better to use a self - signed cert than to share them. 不可以。使用自签名证书比共享它们更好。 I can't tell you the number of times I've seen an admin screw up and send out their private key for their HTTPS cert. 我无法告诉您我看到管理员搞砸了多少次,并为他们的HTTPS证书发送了私钥。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 WS-Security策略和saml2令牌,带有自定义令牌的签名错误 - WS-Security policy and saml2 token, Error in signature with a custom token Spring Security SAML2 未找到 entityID - Spring Security SAML2 no entityID is found Spring Security SAML2-SP http发布安全性 - Spring Security SAML2 - SP http post security Spring Security SAML2使用多个IDP - Spring security SAML2 working with more than one idp Spring Security SAML2 为它们动态选择 IDP 或动态 URL - Spring Security SAML2 dynamic selection of IDPs or dynamic URLs for them Spring security 5.2+ SAML2 多个 IDP 注销 - Spring security 5.2+ SAML2 multiple IDPs logout 我在哪里可以学习带有 Spring Security 的 SAML? - Where can I learn SAML with spring security? Spring 安全 SAML2 使用 G Suite 作为 Idp - Spring Security SAML2 Using G Suite as Idp 我们可以在 Quarkus 中使用 spring-security-saml2-service-provider - Can we use spring-security-saml2-service-provider in Quarkus 可以在应用程序中同时实现SAML和基本Spring Security吗? - can I implement both SAML and basic spring security within an application?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM