Hi,
I want to generate a JWT token and I've kept the privateKey in a KVM, but when I use the GenerateJWT policy it throws an error. Details are as mentioned below:
KVM :-
{ "encrypted": true, "entry": [{ "name": "privateid", "value": "123456789" }, { "name": "privatekey", "value": "U2lkZGhlVGVzdGluZw==" } ], "name": "JWTTestConfiguration" }
Error Message :- cannot instantiate private key
Below are the screen shots of the policies
Hi @revanthganesh3 ,
Is the private key protected with password?
Also, please check the following earlier discussions to see whether they help you solve your problem:
Br,
Marcello
You have your privatekey in the KVM as U2lkZGhlVGVzdGluZw== .
That is apparently a base64-encoded version of this string: SiddheTesting
That is not a private key.
If you use GenerateJWT, with algorithm=RS256, then you need a PEM-encoded RSA private key. This is described here, in the documentation.
The encoded key will look something like this:
You can generate your own RSA keypairs using this webpage, or using the openssl tool, like so:
openssl genpkey -algorithm rsa -pkeyopt rsa_keygen_bits:2048 -out keypair.pem
The file keypair.pem will hold the encoded private key.
And to extract the public key from that, you can use:
openssl pkey -pubout -inform PEM -outform PEM \
-in keypair.pem \
-out public-genpkey.pem
You will then need to load the private key, the full string, with newlines and all, into the KVM. If you are doing that from curl, you need to take care to encode the newlines that must appear in the JSON payload. This script might help.
Conversely, if you want to use a key like SiddheTesting , then maybe you should use the HS256 algorithm, which relies on a secretkey, not a private key.
Here is a review of different signing algorithms used in JWT, in case you need a refresher or review.
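The KVM loading step described in the answer above, as an added example that is not part of the original thread and is not Apigee's own code: it rejects a value that is not PEM-armored (such as the base64 string from the question) and builds the JSON body with the key's newlines escaped. The function names and the placeholder PEM body are constructed for illustration; the check is structural only and does not parse the key.

```python
import base64
import json
import re
import textwrap

# PEM armor for PKCS#8 ("PRIVATE KEY") or PKCS#1 ("RSA PRIVATE KEY") keys.
PEM_RE = re.compile(
    r"\A-----BEGIN (?P<label>(?:RSA )?PRIVATE KEY)-----\n"
    r"(?P<body>[A-Za-z0-9+/=\n]+)\n"
    r"-----END (?P=label)-----\n?\Z"
)

def is_pem_private_key(value: str) -> bool:
    """Structural check: matching BEGIN/END lines around a valid base64 body."""
    m = PEM_RE.match(value.replace("\r\n", "\n"))
    if not m:
        return False
    try:
        base64.b64decode(m.group("body").replace("\n", ""), validate=True)
    except ValueError:
        return False
    return True

def build_kvm_payload(map_name: str, private_id: str, pem_text: str) -> str:
    """Return the KVM JSON body in the shape shown in the question."""
    if not is_pem_private_key(pem_text):
        raise ValueError("privatekey is not a PEM-encoded private key")
    payload = {
        "encrypted": True,
        "entry": [
            {"name": "privateid", "value": private_id},
            {"name": "privatekey", "value": pem_text},
        ],
        "name": map_name,
    }
    # json.dumps escapes every newline in the PEM text as \n.
    return json.dumps(payload)

def constructed_pem() -> str:
    """Constructed placeholder with PEM armor; the body is NOT a real key."""
    raw = b"constructed placeholder bytes, not a real key " * 4
    lines = "\n".join(textwrap.wrap(base64.b64encode(raw).decode(), 64))
    return f"-----BEGIN PRIVATE KEY-----\n{lines}\n-----END PRIVATE KEY-----\n"

if __name__ == "__main__":
    print(is_pem_private_key("U2lkZGhlVGVzdGluZw=="))  # value from the question
    print(build_kvm_payload("JWTTestConfiguration", "123456789", constructed_pem()))
```

In practice, read the text of keypair.pem and pass it in place of constructed_pem(); the returned string can be written to a file and sent as the request body.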