Keycloak Saml IDP, certificate rollover.


rob van der boom

Aug 24, 2021, 9:47:55 AM
to Keycloak Dev
Hey,

We are in need of automatic certificate rollover/updates for our several SAML providers.
I found some requests at Keycloak, but also got the answer that it's not on their roadmap (yet), and they said they are happy if we help to accomplish this.


This is my ticket, and I mentioned related tickets there:
https://issues.redhat.com/browse/KEYCLOAK-19100


Keycloak also gave the advice to ask here if anyone has already implemented something in Keycloak (custom), or if someone can give an idea of what the steps are to build this.

I think what is needed is:
* Store the metadata URLs in Keycloak's database (now it's a one-time import).
  (Can this be done in Keycloak, and what's the best way?)
* Detect the certificate is expired
* Automatically update the certificate
* And ...?

Any help will do, thanks.
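
One way to approach the "detect" and "update" steps listed above, as an added example that is not from the thread, the ticket or Keycloak's code: rather than waiting for expiry, it compares the signing certificates in freshly fetched IdP metadata with the trusted set. The function names and the sample metadata are assumptions, and placeholder byte strings stand in for real certificates.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

def fingerprint(der):
    return hashlib.sha256(der).hexdigest()

def signing_cert_fingerprints(metadata_xml):
    """SHA-256 fingerprints of the IdP signing certificates in SAML metadata."""
    if "<!DOCTYPE" in metadata_xml:
        # SAML metadata never needs a DTD; refusing one avoids entity tricks.
        raise ValueError("DOCTYPE not allowed in metadata")
    root = ET.fromstring(metadata_xml)
    found = set()
    for kd in root.iterfind(".//md:IDPSSODescriptor/md:KeyDescriptor", NS):
        # A KeyDescriptor without 'use' applies to both signing and encryption.
        if kd.get("use", "signing") != "signing":
            continue
        for cert in kd.iterfind(".//ds:X509Certificate", NS):
            found.add(fingerprint(base64.b64decode("".join((cert.text or "").split()))))
    return found

def plan_rollover(trusted, metadata_xml):
    """Diff the trusted fingerprints against what the metadata now publishes."""
    # Assumption: the caller fetched metadata_xml over TLS and validated its
    # signature; otherwise anyone who can alter the document controls trust.
    published = signing_cert_fingerprints(metadata_xml)
    if not published:
        # Never empty the trusted set because of a broken or truncated document.
        raise ValueError("no signing certificate in metadata")
    return {"add": published - trusted, "remove": trusted - published}

def sample_metadata(*blobs):
    # Constructed sample: placeholder bytes stand in for DER-encoded certificates.
    keys = "".join(
        '<md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data><ds:X509Certificate>'
        + base64.b64encode(b).decode()
        + "</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor>"
        for b in blobs)
    return ('<md:EntityDescriptor xmlns:md="%s" xmlns:ds="%s" entityID="https://idp.example.test">'
            "<md:IDPSSODescriptor>%s</md:IDPSSODescriptor></md:EntityDescriptor>"
            % (NS["md"], NS["ds"], keys))

if __name__ == "__main__":
    trusted = signing_cert_fingerprints(sample_metadata(b"old-cert"))
    # During rollover the IdP publishes both certificates; later only the new one.
    print(plan_rollover(trusted, sample_metadata(b"old-cert", b"new-cert")))
```

Applying "add" as soon as it appears and "remove" only once the old certificate disappears from the metadata keeps logins working while the IdP publishes both certificates.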




Hynek Mlnarik

Sep 9, 2021, 9:48:23 AM
to rob van der boom, Keycloak Dev
I have added a comment to [1]. Would it be possible for you to provide help with any of the items written there?

--Hynek



COSTAS GEORGILAKIS

Sep 22, 2021, 5:50:06 AM
to Keycloak Dev
Our team submitted this PR for automatically updated SAML/OIDC Identity Providers based on Hynek Mlnařík's comment. Could you review it?