Emmanuel telmon

Where is the Certificate Private Key

Hi,

I am trying to generate a SAML assertion to get an access token.
While coding, I was requested to provide a crt and private key (using node module saml). But I do not have the latter to sign to document.

I followed the instruction to create a self signed certificate

https://help.salesforce.com/articleView?err=1&id=security_keys_creating.htm&type=5

I download the crt file generated by Salesforce. But I do not see the private key within.

Do I need to generate my own certificate and upload it in SF instead?

Regards,

Emmanuel.
Khan Anas (Salesforce Developers)
Hi Emmanuel,

Greetings to you!

To get a private key for your API call, I have listed some steps that may help you solve this issue.
 
1. The first step is to generate a self-signed public certificate and private key. Open the terminal and run the following:
// Generate the private key.
// Note: privkey is a custom name for the private key file.

openssl genrsa > privkey.pem
 
2. You need to use the private key file with the OpenSSL pkcs8 command to convert the private key into PKCS#8 format.

Open the terminal again and run:
// Command:
openssl pkcs8 -topk8 -nocrypt -in privkey.pem -outform PEM

3. Copy the key and use it as a PKCS#8 format private key.
 
 
Syntax (sample code) to use the key:
// Algorithm name accepted by Crypto.sign().
String algorithmName = 'RSA';
// Base64 body of the PKCS#8 key from step 3 (header, footer and line breaks removed).
String key = 'pkcs8 format private key';
Blob privateKey = EncodingUtil.base64Decode(key);
// Data to be signed.
Blob input = Blob.valueOf('1234Call');
// The returned Blob is the signature to send with the request.
Blob signature = Crypto.sign(algorithmName, input, privateKey);

Please refer to the below links which might help you further with the above requirement.

https://help.salesforce.com/articleView?id=000331419&type=1

https://developer.salesforce.com/docs/atlas.en-us.sfdx_dev.meta/sfdx_dev/sfdx_dev_auth_key_and_cert.htm

I hope it helps you.

Kindly let me know if it helps you and close your query by marking it as solved so that it can help others in the future. It will help to keep this community clean.

Thanks and Regards,
Khan Anas
Emmanuel telmon
Thank you for your prompt answer.

If we generate a new private key, we also have a new public certificate.

After I get a new public certificate, where do I upload it in SF? What do I upload?
Would I upload it in the field "verify request signatures" (choose file) in my connected app?

My goal is to have the SAML assertion flow working to get the access token. 

So far the only thing I have is a valid SAML response sent by SF IDP when the user logged in with the redirect url. I wonder if I could reuse this response to get the access token?


Thank you.

Emmanuel