trusted certificate entries are not password-protected Spring SAML

Question

I have generated testIdp.cer file by copying 509 entry of the IDP I am planning to connect. Then I created JKS file by executing the following command

keytoo         


        

Answer 1

This error occurs also when you don't have a private key in your Keystore. SAML uses the private key to generate the Service provider meta data used to communicate with the IDP. Just add one to the Keystore like this: keytool -genkey -v -keystore some_key_store.jks -alias some_alias -keyalg RSA -keysize 2048 -validity 36500 Fill in the questions and set validity to an appropriate number of days. (In my example it's valid for 100 years) Remember to add the public certificate from IDP. Then you should be ready to go.