JWS key and certificate rollover May 2023
- Dragoljub Nesic (Deactivated)
Start date and time | 2023-05-11 09:00 |
End date and time | 2023-05-11 10:00 |
Impact | Validation of JWS signatures returned by Freja |
Description | We will perform a rollover of the JWS signing key and certificate in Freja eID Production system whereafter you will need to use the new certificate to validate JWS signatures returned by Freja. |
Action | If you validate JWS signatures returned by Freja, we suggest implement selection of the verification certificates based on the JWS header x5t value, see REST API Documentation | RESTAPIDocumentation JWScertificatesintest for more details. |
The key change has already been implemented in our TEST environment on 2023-02-28 so you can test your implementation.
To simplify handling of Freja JWS Signature validation in the future the signing certificates for Customer test and Production environments are now available online at https://www.frejaeid.com/tc/jwscerts/x5t_header_value.pem, see tables below for examples.
JWS certificates in Test |
| |
x5t | From/Until | URL |
2LQIrINOzwWAVDhoYybqUcXXmVs | From 2020-05-13 | https://www.frejaeid.com/tc/jwscerts/2LQIrINOzwWAVDhoYybqUcXXmVs.pem |
DiZbzBfysUm6-IwI-GtienEsbjc | From 2023-02-23 | https://www.frejaeid.com/tc/jwscerts/DiZbzBfysUm6-IwI-GtienEsbjc.pem |
JWS certificates in Production |
| |
x5t | From/Until | URL |
aRw9OLn2BhM7hxoc458cIXHfezw | From 2020-05-14 | https://www.frejaeid.com/tc/jwscerts/aRw9OLn2BhM7hxoc458cIXHfezw.pem |
wSYLdhe93ToPR2X1UrNXxOg1juI | From 2023-02-23 | https://www.frejaeid.com/tc/jwscerts/wSYLdhe93ToPR2X1UrNXxOg1juI.pem |
Please contact us if you have any questions related to this matter,
Kind regards
Freja eID Partner Support
partnersupport@frejaeid.com | status.frejaeid.info