THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
JOSE JAX-RS Filters
JWE
JWS
Configuration
...
Configuration that applies to both encryption and signature
rs.security.keystore.type | The keystore type. Suitable values are "jks" or "jwk". |
| rs.security.keystore.password | The password required to access the keystore. |
| rs.security.key.password | The password required to access the private key (in the keystore). |
| rs.security.keystore.alias | The keystore alias corresponding to the key to use. You can append one of the following to this tag to get the alias for more specific operations: - jwe.out - jwe.in - jws.out - jws.in |
| rs.security.keystore.aliases | The keystore aliases corresponding to the keys to use, when using the JSON serialization form. You can append one of the following to this tag to get the alias for more specific operations: - jws.out - jws.in |
| rs.security.keystore.file | The path to the keystore file. |
| rs.security.key.password.provider | A reference to a PrivateKeyPasswordProvider instance used to retrieve passwords to access keys. |
| rs.security.include.public.key | Include the JWK public key (for signature or encryption) in the "jwk" header. |
| rs.security.include.cert | Include the X.509 certificate (for signature or encryption) in the "x5c" header. |
| rs.security.include.key.id | Include the JWK key id (for signature or encryption) in the "kid" header. |
| rs.security.include.cert.sha1 | Include the X.509 certificate SHA-1 digest (for signature or encryption) in the "x5t" header. |
Encrypting JWK stores
JAX-RS filters can read the keys from encrypted JWK stores. The stores are encrypted inline or in separate storages (files). By default the filters expect that the stores has been encrypted using
...