By docteger on Mar 14, 2008
Buried deep in an entry I wrote a few days ago on setting up a SAMLv2 IDP proxy was some exciting (well - to me anyway) news concerning keystores: a keystore is now created during deployment of the opensso.war. Previously, we had product documentation and FAQ to explain how to create a keystore using keytool. Now, this default keystore (and its included key entry) can be used for customer demos after configuring the OpenSSO WAR. The keystore contains one key entry represented by the alias test. The keystore file password is secret as is the password used to protect the entry. This keystore alias is used by the Security Token Service to sign the generated security tokens. (Now you can see why you should use this alias only for customer demos.) So, in honor of our new keystore, here's vintage Melanie singing her song, Brand New Key.
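Since the demo key signs security tokens, a deployment check can confirm that a keystore headed for production no longer opens as the demo one. The script below is an added example, not part of the original post or of OpenSSO; it assumes that "secret" and "test" are the literal password and alias named above, and the keystore path is supplied by the caller.

```shell
#!/bin/sh
# Added example (not OpenSSO code): detect a keystore that still opens with
# the demo store password and still holds the demo key entry.
# Assumption: "secret" and "test" are the literal values named in the post.
DEMO_STOREPASS='secret'
DEMO_ALIAS='test'

# 0 = demo password opens the store and the demo alias is present
# 1 = password rejected or alias absent, 2 = file missing or unreadable
uses_demo_key() {
    [ -r "$1" ] || return 2
    # keytool exits non-zero on a wrong store password or an unknown alias.
    # Passing the password on the command line is acceptable only because
    # it is the publicly documented demo value.
    if keytool -list -keystore "$1" -storepass "$DEMO_STOREPASS" \
            -alias "$DEMO_ALIAS" >/dev/null 2>&1; then
        return 0
    fi
    return 1
}

# Print a verdict; non-zero exit means "do not ship this keystore".
audit_keystore() {
    audit_rc=0
    uses_demo_key "$1" || audit_rc=$?
    case "$audit_rc" in
        0) echo "FAIL: $1 still uses demo alias '$DEMO_ALIAS' with the demo password"
           return 1 ;;
        1) echo "OK: $1 does not open as the demo keystore"
           return 0 ;;
        *) echo "ERROR: cannot read $1" >&2
           return 2 ;;
    esac
}

# Usage: sh check_demo_keystore.sh /path/to/keystore  (path chosen by caller)
if [ "$#" -gt 0 ]; then
    audit_keystore "$1"
    exit $?
fi
```

The check only covers the store password and the alias; it does not test the separate password that protects the key entry.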