Commit 6fe09ec2 authored by ale's avatar ale

Properly parse the x509 cert in saml-server

parent 62a48de8
......@@ -3,6 +3,7 @@ package saml
import (
"crypto/rand"
"crypto/tls"
"crypto/x509"
"encoding/base64"
"encoding/hex"
"encoding/xml"
......@@ -213,7 +214,11 @@ func NewSAMLIDP(config *Config) (http.Handler, error) {
return nil, err
}
cert, err := tls.LoadX509KeyPair(config.CertificateFile, config.PrivateKeyFile)
tlsCert, err := tls.LoadX509KeyPair(config.CertificateFile, config.PrivateKeyFile)
if err != nil {
return nil, err
}
x509Cert, err := x509.ParseCertificate(tlsCert.Certificate[0])
if err != nil {
return nil, err
}
......@@ -250,8 +255,8 @@ func NewSAMLIDP(config *Config) (http.Handler, error) {
// mux.Router in front in order to wrap just the ssoURL with
// our own SSO handler.
idp := &saml.IdentityProvider{
Key: cert.PrivateKey,
Certificate: cert.Leaf,
Key: tlsCert.PrivateKey,
Certificate: x509Cert,
Logger: logger.DefaultLogger,
MetadataURL: metadataURL,
SSOURL: ssoURL,
......
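Review bot: The certificate parsed from `tlsCert.Certificate[0]` in the second hunk is handed to `saml.IdentityProvider` without any check of its validity window, so an expired or not-yet-valid signing certificate would only surface later, presumably as service providers rejecting the IdP's assertions or metadata. A startup guard right after the `x509.ParseCertificate` error check would catch it at once, e.g. `if now := time.Now(); now.Before(x509Cert.NotBefore) || now.After(x509Cert.NotAfter) { return nil, errors.New("saml: certificate outside its validity period") }`, or a logged warning if a hard failure is not wanted. That guard needs `time` and `errors`, and the import block is only partly visible here. Both new `return nil, err` paths would also be easier to diagnose if the error named `config.CertificateFile`. The body of NewSAMLIDP starts and ends outside the hunks shown.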