-
-
Notifications
You must be signed in to change notification settings - Fork 330
-
After setting OIDCProviderTokenEndpointAuth to private_key_jwt, apache2 fails to start with this message:
Invalid value for directive 'OIDCProviderTokenEndpointAuth': invalid value 'private_key_jwt', must be one of ['client_secret_post'|'client_secret_basic'|'client_secret_jwt'|'none'|'bearer_access_token']
Is this not supported with version 2.4.4.1 (currently the latest version in alpine repo)?
Beta Was this translation helpful? Give feedback.
All reactions
it is supported but to be able to use private_key_jwt you'll also need to set OIDCPrivateKeyFiles and OIDCPublicKeyFiles as noted here https://github.com/zmartzone/mod_auth_openidc/blob/v2.4.4.1/auth_openidc.conf#L337
Replies: 1 comment 3 replies
-
it is supported but to be able to use private_key_jwt you'll also need to set OIDCPrivateKeyFiles and OIDCPublicKeyFiles as noted here https://github.com/zmartzone/mod_auth_openidc/blob/v2.4.4.1/auth_openidc.conf#L337
Beta Was this translation helpful? Give feedback.
All reactions
-
Thanks! I didn't realize the order of the directives was important, so was setting the keys right after OIDCProviderTokenEndpointAuth private_key_jwt.
Beta Was this translation helpful? Give feedback.
All reactions
-
thanks, I did not realize either that order was important indeed
Beta Was this translation helpful? Give feedback.
All reactions
-
This also tripped me up. I think it would be helpful to put OIDCProviderTokenEndpointAuth after OIDCPublic/PrivateKeyFiles in the default config.
Beta Was this translation helpful? Give feedback.