Add a separate (non install) "Keygen" capability to IdP
Duplicate
Description fields
Basics
Logistics
Basics
Logistics
Description
I got a strong steer for the UK Fed support guys that it would be nice to be able to generate the self-signed .key/.cert/.jks which the IdP installation does as a separate beast from the instalation. II'm not sure why it important to them. I suspect that its (a) to allow easier documentation (since the SP and (b) because in the UK more IdPs have to have non self signed certs because of legacy software considerations.
Either way I it feels like a good idea to align the IdPs capabilities with the SP and I can see good reasons to want to be able to do this easily.
I just took a look at build.xml and it looks as though this might be possible with very little effort. If it's less than a day (and it's hard to see how it could be more) I'll happily do the work for this as part of 2.3, otherwise can we move this to 3.x?
I got a strong steer for the UK Fed support guys that it would be nice to be able to generate the self-signed .key/.cert/.jks which the IdP installation does as a separate beast from the instalation. II'm not sure why it important to them. I suspect that its (a) to allow easier documentation (since the SP and (b) because in the UK more IdPs have to have non self signed certs because of legacy software considerations.
Either way I it feels like a good idea to align the IdPs capabilities with the SP and I can see good reasons to want to be able to do this easily.
I just took a look at build.xml and it looks as though this might be possible with very little effort. If it's less than a day (and it's hard to see how it could be more) I'll happily do the work for this as part of 2.3, otherwise can we move this to 3.x?