I am using Okta for SAML sign-on. I need to change the default self-signed certificate of Okta and use a certificate signed by third party. I need this because I need to revoke Okta certificate and check the OCSP flow in my server and check whether Okta authentication is rejected. Is this supported in Okta? please help
Okta certificate revokation
299 Views Asked by Bhuvana Dhanam At
1
There are 1 best solutions below
Related Questions in CERTIFICATE
- Create aws certification for domain
- How can I create a simple signed certificate for my Windows Forms .NET app in Visual Studio 2022
- Problem validating server certificate connecting to a Kafka cluster
- connecting to secure server from Java application without importing certificate to keystore
- Inside Windows 2016 : error message : "Caused by: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty"
- Visual Studio 2022 free certificate problem. "cannot import key file " how to fix
- How do I sign a powershell script with in-network server so that all clients can run script without changing execution policy?
- Mac Sonoma 14.4 Dotnet 8.0.203 SDK webapi https error
- CA certificate for .NET Maui
- Fiddler doesn't work because Chrome and Edge don't trust fiddler certificate
- openssl: try to load local ca store
- Authentication with SmartCard sending a SOAPUI request
- SSL/TLS certificate exchange/renewal needs private key of the old certificate in CSR
- Questions about p12 certificate and private key password
- ERROR: Could not install packages due to an OSError: Could not find a suitable TLS CA certificate bundle, invalid path: /path/to/cacert.pem
Related Questions in SAML-2.0
- Institutional Login Page on a React Flask App
- Migrate from SAML extensions to SAML service provider and spring security
- Separate web application that does not get SAML authenticated when using Systainsys library and IIS
- How to handle encrypted SAML response with openssl
- "RelayState is invalid" Error in GitHub SAML SSO
- Spring Boot SAML Authentication Issue with Identity Provider (IdP) on Virtual Machine
- Do line breaks or spaces affect saml assertion validation?
- Azure Claim Regex - Unable to filter a claim
- SAML Assertion does not contain KeyInfo element in SubjectConfirmationData
- Adding Private Key to RelyingPartyRegistration in Spring Boot and Spring Security
- SAML Error - The server requires a signed SAML authentication request but no signature is present
- IdentityServer 4 - idsrv and idsrv.session cookies blocked on signin-oidc call
- Challenges with SAML Front Channel Logout and clearing cookies in sites on different domains
- shibboleth 5 with slapd integration login
- Unique SAML issuer required for each application within the same EntraID account
Related Questions in OKTA
- Backstage Okta authentication: "Unknown auth provider 'okta'"
- Is Okta's Spring Boot Starter mandatory to integrate a Spring Boot app to Okta?
- Implementing JWT Token Authorization in .NET 8 using AddJwtBearer() with a Custom Role Based Attributes
- OKTA User Impersonation _Masquerade
- OKTA SSO Driven API Invocation
- Azure B2C cannot use Okta as IdP via OIDC - 'Signature validation failed'
- How to get IdToken while using Spring Oauth Resource Server
- Errors in Accessing Okta API with Client Credentials Flow Using Client Secret
- Integrating Okta via a Authorization Filter
- Spring Boot error: "No converter found capable of converting from type [java.lang.String] to type [....client.OAuth2ClientProperties$Registration]"
- How to get claims in c#?
- How to add Okta access token by default to all axios request
- Okta as Identity broker for several External IDPs
- auth0 by okta problem login in my db with laravel breeze error Invalid state
- OpenID Connect Cookie ExpireTimeSpan Ignored
Related Questions in OCSP
- How to handle both traditional OCSP and OCSP stapling on client side
- Embedding OCSP certificate status in PDF signature: not working when the OCSP responderCert != issuerCert
- why big sites do not use ocsp stapling?
- Is this invocation of "openssl s_client -connect" actually querying OCSP responder servers to confirm the current validity of certificates?
- OCSP Revocation on client certificate
- java support online certificate status protocol
- Java OCSP Client using openSSL
- Configure IIS To Verify Client Certificate using external OCSP
- How to check OCSP client certificate revocation using Python Requests library?
- How can I extract a certificate from the OpenSSL default CA bundle by subject or hash?
- PKIXRevocationChecker does not use OCSP Responder URL set in Certificate
- EJBCA OCSP service Default URI ,how to set defult value
- Nginx serves local file verse performing a proxy pass
- Which OCSP C API's to use for Certificate verification on OCSP Server
- Android_11 Exception Handling Issue: javax.net.ssl.SSLHandshakeException: Chain validation failed
Related Questions in CERTIFICATE-REVOCATION
- Question on Chrome's Certificate Revocation Checking
- In the X.509 CRL v2 format, why is there a requirement to duplicate the "AlgorithmIdentifier" fields?
- openssl: how to use revocation list with SSL_CTX_load_verify_locations?
- How to recognize RevocationStatusUnknown or OfflineRevocation errors on X509Certificate validation?
- Solved - SSL certificate validation fails with 'The revocation function was unable to check revocation because the revocation server was offline."
- How can openssl s_client be used to check if a TLS server presents a revoked certificate?
- Adding PDF revocation information as an signed attribute pdfRevocationInfoArchival OID 1.2.840.113583.1.1.8 is not working
- How to disable certificate revocation list (CRL) caching on IIS 10.0?
- Parsing a certificate revocation list in nodejs
- Given an X509 certificate revocation list in PEM format, how do I convert that to a list of serial numbers of revoked certificates?
- Downloading solana dev tools error: "curl: (35) schannel: next InitializeSecurityContext failed: Unknown error (0x80092012)"
- How to add CRLs to caStore created by Node-forge
- Mosquitto blocks all connections when using CRL file
- MIMEKIT MultipartSigned.Verify How can I disable Certificate Revocation list ceck?
- Okta certificate revokation
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
Check this API - https://developer.okta.com/docs/reference/api/apps/#publish-csr-for-application
I haven't tried it on my own, but it seems it should work for you. Only thing, you need first generate CSR for the app inside Okta, get it out of Okta, sign it with whatever CA and then load back the signed cert with the API I posted above.
All the step before that are also covered on the page I shared you the link to.