JWS key and certificate rollover May 2023

 

Start date and time 

2023-05-11 09:00

End date and time  

2023-05-11 10:00

 

Impact

Validation of JWS signatures returned by Freja

Description

We will perform a rollover of the JWS signing key and certificate in Freja eID Production system whereafter you will need to use the new certificate to validate JWS signatures returned by Freja.

Action

If you validate JWS signatures returned by Freja, we suggest implement selection of the verification certificates based on the JWS header x5t value, see REST API Documentation | RESTAPIDocumentation JWScertificatesintest  for more details. 

The key change has already been implemented in our TEST environment on 2023-02-28 so you can test your implementation.

 

To simplify handling of Freja JWS Signature validation in the future the signing certificates for Customer test and Production environments are now available online at https://www.frejaeid.com/tc/jwscerts/x5t_header_value.pem, see tables below for examples.

  

JWS certificates in Test

 

x5t

From/Until

URL

2LQIrINOzwWAVDhoYybqUcXXmVs

From 2020-05-13

https://www.frejaeid.com/tc/jwscerts/2LQIrINOzwWAVDhoYybqUcXXmVs.pem

DiZbzBfysUm6-IwI-GtienEsbjc

From 2023-02-23

https://www.frejaeid.com/tc/jwscerts/DiZbzBfysUm6-IwI-GtienEsbjc.pem

 

JWS certificates in Production

 

x5t

From/Until

URL

aRw9OLn2BhM7hxoc458cIXHfezw

From 2020-05-14

https://www.frejaeid.com/tc/jwscerts/aRw9OLn2BhM7hxoc458cIXHfezw.pem

wSYLdhe93ToPR2X1UrNXxOg1juI

From 2023-02-23

https://www.frejaeid.com/tc/jwscerts/wSYLdhe93ToPR2X1UrNXxOg1juI.pem

 

Please contact us if you have any questions related to this matter,

Kind regards

Freja eID Partner Support

partnersupport@frejaeid.com | status.frejaeid.info