Sybren A. Stüvel
681294da09
The info in the README was out of date, and it wasn't included in the distribution package either.
JWT Key Store
This directory contains the ECDSA keys for JWT signing and validation.
All files that match the *-public*.pem pattern will be loaded as public
keys, and be implicitly trusted as authoritative for any received JWT
token.
As an exception to the above rule, any key that has test in its filename
will be excluded. This is to prevent unit test keys from being loaded.
Generating keys
One private key es256-private.pem may exist. If it does it will be
loaded to allow token generation for testing purposes. Note that
your Flamenco Manager WILL BE INSECURE as anyone accessing it can also
request an authentication token.
To generate a keypair for ES256:
openssl ecparam -genkey -name prime256v1 -noout -out es256-private.pem
openssl ec -in es256-private.pem -pubout -out es256-public.pem