Skip to first unread message

Fred Hauschel

Aug 26, 2020, 9:27:20 AM8/26/20
to Trellis LDP
in the trellis docker-compose i configure
But trellis seems to have problems with the url. Where do i find the documentation for the env variables? I didn't find a description of MP_JWT_VERIFY_PUBLICKEY_LOCATION.

Thanks Fredy

trellis_1  | 2020-08-26 13:18:27,609 DEBUG [io.sma.jwt.aut.pri.KeyLocationResolver] (vert.x-eventloop-thread-15) Checking if the key content is a Base64 encoded PEM certificate
trellis_1  | 2020-08-26 13:18:27,609 DEBUG [io.sma.jwt.aut.pri.KeyLocationResolver] (vert.x-eventloop-thread-15) The key content is not a valid encoded PEM certificate: java.lang.IllegalArgumentException: Illegal base64 character 7b
trellis_1  |     at java.base/java.util.Base64$Decoder.decode0(Unknown Source)
trellis_1  |     at java.base/java.util.Base64$Decoder.decode(Unknown Source)
trellis_1  |     at java.base/java.util.Base64$Decoder.decode(Unknown Source)
trellis_1  |     at io.smallrye.jwt.KeyUtils.decodeCertificate(
trellis_1  |     at io.smallrye.jwt.auth.principal.KeyLocationResolver.tryAsPEMCertificate(
trellis_1  |     at io.smallrye.jwt.auth.principal.KeyLocationResolver.initializeKeyContent(
trellis_1  |     at io.smallrye.jwt.auth.principal.KeyLocationResolver.<init>(
trellis_1  |     at io.smallrye.jwt.auth.principal.DefaultJWTTokenParser.getKeyResolver(
trellis_1  |     at io.smallrye.jwt.auth.principal.DefaultJWTTokenParser.parse(
trellis_1  |     at io.smallrye.jwt.auth.principal.DefaultJWTCallerPrincipalFactory.parse(
trellis_1  |     at io.smallrye.jwt.auth.principal.DefaultJWTParser.parse(
trellis_1  |     at io.smallrye.jwt.auth.principal.DefaultJWTParser_ClientProxy.parse(DefaultJWTParser_ClientProxy.zig:186)
trellis_1  |     at io.quarkus.smallrye.jwt.runtime.auth.MpJwtValidator$1.accept(

Aaron Coburn

Aug 26, 2020, 9:30:56 AM8/26/20
That error would be expected. The URL at that location is not in JWKS format. You should use this URL instead:

You received this message because you are subscribed to the Google Groups "Trellis LDP" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
To view this discussion on the web visit

Fred Hauschel

Aug 26, 2020, 9:37:28 AM8/26/20
to Trellis LDP
wow, that was fast !! i've to invite you to a lot of beers ;-) If you are in germany/munich, let me know ;-)
No it works, but the jwt is expired. there is a problem with the timezone ;-(

New problem, new chance!

thanks a lot.
Reply all
Reply to author
0 new messages