Why is there a tempkey.jwk in API project? #3380 | Support

nhontran created 2 years ago

ABP Framework version: v5.2.2
UI type: Angular
DB provider: EF Core
Tiered (MVC) or Identity Server Separated (Angular): yes
Exception message and stack trace:
Steps to reproduce the issue:"

Hi, I have updated my IdentityServer project to not using the developer signing credential, the tempkey.jwk is not generated after that:

    public override void PreConfigureServices(ServiceConfigurationContext context)
    {
        // disable developer signing credential
        PreConfigure<AbpIdentityServerBuilderOptions>(options =>
        {
            options.AddDeveloperSigningCredential = false;
        });

        // add custom signing credential
        var cert = GetClientCertificate("cbc983009c08bc76cc2a61fc4a21349792d6452d");
        PreConfigure<IIdentityServerBuilder>(builder =>
        {
            builder.AddSigningCredential(cert);
        });
    }

However, the API project still keeps generating the tempkey.jwk file during the start up, anyone knows why and what is it using for?

3 Answer(s)

0

maliming created 2 years ago
Support Team Fullstack Developer

hi

.HttpApi.Host > EntityFrameworkCore > Volo.Abp.IdentityServer.EntityFrameworkCore > AbpIdentityServerDomainModule > AddDeveloperSigningCredential = true

You can set AddDeveloperSigningCredential to false in .HttpApi.Host
0

nhontran created 2 years ago

Thanks @maliming, so the tempkey.jwk is generated because Api.Host references to AbpIdentityServerDomain module, this file is not in used, right?
0

maliming created 2 years ago
Support Team Fullstack Developer

Correct.

Have an answer to this question? Log in and write your answer.