Skip to content

Commit

Permalink
Updated certificates + script (#36)
Browse files Browse the repository at this point in the history 
* A script to update certificates

* Updated certs, as of 2021-03-30
  • Loading branch information
@cben
cben authored Apr 8, 2021
1 parent 77bbd63 commit 1cdbc59
Show file tree
Hide file tree
Showing 4 changed files with 20 additions and 19 deletions.
18 changes: 1 addition & 17 deletions certs/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,20 +2,4 @@

Update Criteria: These certs don't have an expiration date as such but when there is a URL change (upshift to psi per instance) and a developer is using local frontends and backends the JWT verification fails with the X-RH-IDENTITY header not being sent to the backend. When it occurs just follow the steps below to update the certs for different environments.

##prod

Last Updated: 7/12/19

URL: https://sso.redhat.com/auth/realms/redhat-external copy the "public-key" value to update the keycloack.prod.cert file

##qa

Last Updated: 7/12/19

URL: https://sso.qa.redhat.com/auth/realms/redhat-external copy the "public-key" value to update the keycloack.qa.cert file

##stage

Last Updated: 7/12/19

URL: https://sso.stage.redhat.com/auth/realms/redhat-external copy the "public-key" value to update the keycloack.stage.cert file
Run `update.sh` from this directory to update.
2 changes: 1 addition & 1 deletion certs/keycloak.prod.cert
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAuYp35gi5YzQeNN5aQOPwLranSJT9aJB+w6Ih4Wn9R6FzEg1OEKwBNNpb+z18reAyhxQMy/bCz3q+J7viX6p5hbclPBakKOjPB4lDzwhvfE1G4vp84zH1bR7m8dd4OXbriojVZ51IPNuItO00nrDrx6PWNP/5ufBUwjJo8+BD+sWm7BP/CVlb8miVh8itpcLJrszpHzF+u0OPqwI/e3P83cYOsXoQRxD4wpo718yqYh4J3NNJQYnyprJMpC3w3QQ5PR28TbBfSHgvtWD1SBuavHh2jwT/6Pi8FqOS1vfX7QA1pxyYZ+zazVxj/zOrCeP3FHyaxTPmn0d5zsXBZCCyhsfCaStnFePTPk+KEGwZAlv43JJjV2rTJc1Lsj1Th7Jq63TvwIGBcFFAtC72N5+jwRjUoeyu/nwO/1r1awvbfrlBF31PG5wxUdVR56PesLO7EVH1/2KrVN7dtgaQkomVk6rULBbCbwhfR1oT3cOxF7d0ajpbzHd2qcfeBzFTABL8dzBp4FcZx5QyYSIOP8fuwSO8zy4rxmBw7HpHGOGFrC3cXWqB33M23IjOpVZbfK46QvJhcGq9QEtOlRO2WVemMcwDSgpceAa7e3ZJx+LO6XyTEjRtTuHMwdLxII3YUlL1hPozrNE1U/ADPGHgnTxGswgBpGOA6rOkWav5uhcj9CsCAwEAAQ==
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA5MvhbE1Mxr2FUYGZiH0z6p+kV+FIUHp4ErxkD6S8Sc5OB7IjRKDSsJzmuwR803cKpeKoIkkUTiznYwCBqAUdP3bIZ8k97X6GX19dOSqL4ej1rjYZYAf9/Jt/Z+0PzIjX50z6TpqeGoh7+6P+634SvbdjatnhTAQ3qsBXfPOHPIPRAZkGfmlM1EdvIlm/d2hQ7nDSETbVC4YHY+iESvUhre+aNmqJU/E6fRnGwFTPS20fPLE5bUNbshvTXn5c+bxtWK9bSCHCRVYUF9QWwDoFX9gGOIpSScHAKQLRR16yOQjOioZ2FeVZnDpWNvZelbQ7LtLN0H5uCJsqDoZDDhDWeFp+25O9ih5M9auT/2IepUlOq3OBMj7i3CJXrvjNQiuGkPHp9xN6kd5H4E5hcqUTmfYdgf1IuXP0cTwYtQor21dWBSpFvxW8l1HGLOaO/rSetNRJ+tZ7FKUK5L6crt1N72AGIay96gNOWNe4POOG/ML1r4h3SKBFdMPwJ+R5KDg7+oRcUT4kLuFtWuQG7bKLJhIxw/SnVFajLGt1d3+OCqX6ozuUbdEW31f9iLZd4w+NUSSHjxP1Uvalk5QfUro9w9fTW73jRIUASnbHunopjt/IkiQswrdIwpfpeBokcf9O757/i0kctQ5M1gyPf4+0yPfuDVkeBAHygoxNJU9H3C0CAwEAAQ==
-----END PUBLIC KEY-----
2 changes: 1 addition & 1 deletion certs/keycloak.stage.cert
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAq5sPe249i0kkDs3yTj/cm3XEVQCgfPoz9fsZ6Zyx88c0/80TVJdFyoh8eHpfCNDn/haoMKPwObqcoayBhcN+qdfceu/DRzTetx2Yq9oIMcnp8CoLmSoASe71N1qZgVEAysHrgf35K9zOer0yTAqZpdQz9fB2VbJPOc/BuINO4grMZCzUPvNy1vlLXMZ0fB8zWHu842XTGF9wNSweQveMcak5ZQL4dVSAP2BfA8gyamg7bb7z/Rv5IrCvYxFYPUqEwet9MqNHNHh7yt6aZU+OHPOenv0mIC4on9V/sesm+erEa3dnCmxzzWEWoS5208qP6hJC7CnKq0sRA3fYk2ISsgC8H/tCc90BQ/UE5qkXgwlZjfRWuxGb+58X0z7ZmEwmNU42ns2mbjHf2LS9LNxyW3N2cnt0VnhGX9Y7xCC386ZV11/07UIx0+bzXrTDbf6AsExrn1yYRIEX3u0LUMwJSo3eLKXmqsal8P+b94dvP34he6g/wW19K/3l0dGL1BSZxe5QhUrHExCmYgHfmhmucOyhQU0rOiFx04jNW0/v8GUcOioYRt74zZPThm7qs8pQa+b/lkMJsyDXO8RTW5Sm9zyZm04skqrQFPFqUCgxK43BdTEY220wLx7p0ehWiedDtZtzDyfLlsv8t3sPEFp3nWNHO0CIulnUsy8I0jOH8WMCAwEAAQ==
-----END PUBLIC KEY-----
-----END PUBLIC KEY-----
17 changes: 17 additions & 0 deletions certs/update.sh
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
#!/bin/bash

set -e -u -o pipefail # https://disconnected.systems/blog/another-bash-strict-mode/

cd "$(dirname "$0")" # The directory of this script

function format_key() {
echo '-----BEGIN PUBLIC KEY-----'
jq '.public_key' --raw-output
echo '-----END PUBLIC KEY-----'
}

curl https://sso.redhat.com/auth/realms/redhat-external | format_key >keycloak.prod.cert

curl https://sso.qa.redhat.com/auth/realms/redhat-external | format_key >keycloak.qa.cert

curl https://sso.stage.redhat.com/auth/realms/redhat-external | format_key >keycloak.stage.cert

0 comments on commit 1cdbc59

Please sign in to comment.