[英]AppId SAML : Sign request
I have a query regarding the certificate used by IBM AppId to sign SAML requests.I believe this certificate is self-signed by the tenant's ( AppId tenant ) private key and is auto-generated by AppId when 'signRequest' is set to true in the IDP metadata.我有一个关于 IBM AppId 用于签署 SAML 请求的证书的查询。我相信此证书是由租户的 (AppId 租户) 私钥自签名的,并且当 'signRequest' 设置为 true 时由 AppId 自动生成IDP 元数据。 Please confirm my understanding.
请确认我的理解。
A follow up question on it, is there a API which I can use to update this certificate, lets say the IDP organization expects signed CA certs attached to a valid domain name.关于它的后续问题,是否有一个 API 可以用来更新此证书,假设 IDP 组织希望签名的 CA 证书附加到一个有效的域名。 I only found an API to GET the AppId SAML metadata, no update API was found that could be used to provide signing certificates to the service provider ( AppId ).
我只找到了一个 API 来获取 AppId SAML 元数据,没有发现更新 API 可用于向服务提供商( AppId )提供签名证书。 Please let me know.
请告诉我。
Have seen that the CN name of the certificate generated by AppId has the below CN configuration: subject=C = US, ST = New York, L = Armonk, O = International Business Machines Corporation, OU = IBM Cloud and Cognitive Software, CN = IBM Cloud App ID已经看到AppId生成的证书CN名有如下CN配置:subject=C=US,ST=New York,L=Armonk,O=International Business Machines Corporation,OU=IBM Cloud and Cognitive Software,CN= IBM Cloud 应用程序 ID
Your understanding is correct, the signing certificate is auto-generated by App ID when signRequest is set to true.您的理解是正确的,当signRequest设置为true时,签名证书是由App ID自动生成的。 There is not a way for a user to update it.
用户无法更新它。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.