Custom Token Certificates
Upload custom CA and token issuer key pairs to replace auto-generated certificates used for signing JFrog access tokens.
Token certificates are used for signing and validating tokens. The certificate is essentially a key pair comprised of a private key and root certificate: the private.key is used to sign access tokens and the root.crt is the matching public key, used to verify the token's signatures.
The JFrog Platform enables users to use token certificates, also called custom certificate keys. This page covers how to create custom token certificates and how to load them via bootstrapping files.
Prerequisites
- The certificate must match the provided private key.
- The certificate must be valid for the next 7 days at least.
Create a Private-Public Key Pair
Create a private-public key pair using OpenSSL for use with JFrog Platform token certificate configuration. The key pair is used for signing and validating access tokens.
Load the Key Pair through Bootstrap Files
Load the certificate and private key to the JFrog Platform Deployment through bootstrap file paths during certificate initialization.
Updated 24 days ago