Library that implements IdentityServer4 signing key rollover with keys issued by CertManager in k8s infrastructure. The workflow is as follows:
- CertManager generates a Secret that contains the current signing key (`tls.crt`, `tls.key`) and a PKCS12 keystore that contains the CA and the previously issued certificate (`keystore.p12`).
- The identity service mounts the Secret to the filesystem, so it gets the files `tls.crt`, `tls.key` and `keystore.p12` in a folder.
- To start using the keys, use the extension method `services.AddCertManagerSigningCredential`.
For more details about IdentityServer4 key rollover, see the official documentation.