Details
-
Suggestion
-
Resolution: Fixed
-
None
-
None
Description
Suggestion Summary
Update documentation to add information about how to regenerate Crowd Certificate for SSO 2.0
In the Crowd SSO 2.0 Documentation there is a mention about regenrating the certificate in the case of security breach and here is the quote from the documentation:
Crowd's certificate is by default valid for 5 years. After that time, you'll have to regenerate the certificate and manually copy it over to individual applications for which you want to use SSO 2.0. In case of a security breach, for safety reasons we suggest that you regenerate the certificate and copy it to your applications immediately.
Remember that a regenerated certificate needs to be again provided in all application you want to use SSO with.
However there isn't any step documented about how to regenerate the cert.
Environment
- Crowd 3.4 onwards (that supports SSO 2.0)
Suggestion
Include the method to regenerate the certificate for Crowd into the official documentation
Resolution
Follow the REST API call that is mentioned in the REST API page below:
POST /rest/admin/1.0//samlconfig/reset-certificates