Create JSON web key assertion - x5c , x5t attributes difference in v10
Article ID: 200245
Updated On:
Products
CA API Gateway
API SECURITY
CA API Gateway Precision API Monitoring Module for API Gateway (Layer 7)
CA API Gateway Enterprise Service Manager (Layer 7)
STARTER PACK-7
CA Microgateway
Issue/Introduction
Recently migrated to Gateway v10. While validating, you find two additional attribute getting added when execute "Create JSON web key assertion". The additional are "x5c" and "x5t". You can't find "x5c" and "x5t" in version 10 document as well. Is this expected behavior? If yes, why it is not mentioned in version 10 document?
v10 doc link:
Create-Json-Web-Key-Assertion-Gw10
v11.1 doc link:
Output in v10:
"keys" : [ { "kty" : "RSA", "kid" : "ssgsign.example,com", "use" : "sig", "n" : "hTVJBQN_EDITED_jbU5i2UP_4bj9EVP5zRwbDhypKZWqZVrUtvlGpM0DrdxwtQftwKIY4kkoMaQuC9wnIV0CSw9bE2jarqFUsJ0LfuvUgN-Wtzgom_CuzZSZ1Cy9yi9ubSbNoIgI5kvg6QR62VCNn5cGtPWn_goQQRnPzg4DES0hV8vH_kWc8LcmgEhdjF-lkivvoYXnQt2kxQX8Yhhd1TxQ", "e" : "AQAB",
"x5c" : [ "MIIDHzCCA_EDITED_gIJAPuYcnkvr0FkMA0GCSqGSIb3DQEBDAUAMBsxGTAXBgNVBAMTEHNzZ3NpZ24uY2liYy5jb20wHhcNMTcwOTIxMTIxNjUyWhcNMjIwOTIwMTIxNjUyWjAbMRkwFwYDVQQDExBzc2dzaWduLmNpYmMuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQEjfo3XZ9CxCY2SKbU+KpNPIIizM/iDA4=" ],
"x5t" : "8bDtZQ_EDITED_e9M7smsQTJBFAY" }
Environment
Release : 10.x, 11.x
Component : API GATEWAY
Resolution
The values mentioned are expected.
"x5c" was reported to be fixed on v10
Resolved-issues-Gw10.0
DE432816 Fixed an issue with the Encode JSON Web Token assertion where the x5c headers were not generated as configured, and xt5 is part of new features in v10 also.
Create-json-web-key-assertion V11.1
Both parameters (x5c and xt5 ) are properly documented on rfc7517
Feedback
Yes
No
Powered by
