Skip to content

Suite Framework

Signing Keys

Suite Framework on Azure DevOps

Suite Framework

Suite Framework on Azure DevOps

Overview
Fundamentals
Fundamentals
- Overview
- Layered Architecture
  Layered Architecture
- Observability
- Exception Handling
- Sagas Error Handling
- Service Discovery
- Testing
- Microservices
  Microservices
.NET
.NET
- Overview
- Suite Module
  Suite Module
  - Overview
  - ASP.NET Module
  - Configuration
  - Dependency Injection
  - Patterns
    Patterns
    
    Registrations
    
    Provider
    
    Auto Discovery
- Modules
  Modules
  - Activation
  - AutoMapper
  - Exception Handling
  - Localization
  - HTTP
  - Validation
  - Service Discovery
  - DataGathering
  - DataSeeding
    DataSeeding
    
    Overview
    
    DataSeeder
    
    External
    
    DataSource
  - Persistence
    Persistence
    
    Overview
    
    The DbContext
    
    Configuration
    
    Connection Strings
    
    Class Mappings
    
    Mapping Conventions
    
    Repository
    
    Migrations
    
    Specification
    
    AspNetPersistenceModule
    
    AuditInfo
  - MVC
    MVC
    
    App Services
    
    App Services Routing
    
    App Services Client
    
    ASP.NET Controllers
    
    CORS
    
    MVC Views
    
    Model validation
    
    Current User
  - Spa
    Spa
    
    Hosting
    
    Configuration
  - MassTransit
    MassTransit
    
    Overview
    
    Producers
    
    Consumers
    
    Sagas
    
    Error Handling
  - GraphQL
    GraphQL
    
    Overview
    
    Generic UIs
    
    Custom Queries
    
    Custom Mutations
    
    Schema Federation
    
    Quick Search
    
    Authentication
    
    Authorization
  - Legacy
    Legacy
    
    Aims Legacy Connector Module
    
    Core Legacy Notification Connector Module
- Runtime
  Runtime
- Services
  Services
  - Overview
  - Tutorials
    Tutorials
    
    Getting Started
    Getting Started
    
    Introduction
    
    Creating the Equipments microservice
    
    Customizing the Equipment Entity
    
    Customizing the Consumer
    
    Seeding Data
    
    Exposing the Entity on GraphQL
    
    Creating the Equipment Management Application BFF
    
    Enforcing Authorization
    
    Creating the Application Service
    
    Configuring Docker
    
    Managing child collections
  - Audit Trails
  - Entity Management
  - Change Reason
- API versioning
- Serialization
- Conventions
  Conventions
  - Naming
- Testing
  Testing
- Solution Files
- NuGet Packages
- Nullable reference types
- Templates
- Suite Context
- Upgrading
Angular
Angular
- Overview
- Tutorials
  Tutorials
- Suite Module
  Suite Module
  - Overview
  - Theming
  - Routing
- Modules
  Modules
  - Shell
    Shell
    
    Localization
    
    Navigation
  - Service Discovery
  - Error Handling
  - List Page
  - Tree Page
  - Form Page
  - Dialogs
  - Workflow
  - Forms
    Forms
    
    Overview
    
    Select
  - Authentication
  - Rbac
    Rbac
    
    Permissions
- Runtime
  Runtime
- Style Guide
- State Management
- Logging
- Generators
- Unit Tests
- Storybook
Development
Development
- Overview
- Contribution Guidelines
- Documentation Guidelines
- Development Environment
- Non-prod Deployments
- Devcontainer
- Suite CLI
- Tools
  Tools
  - Visual Studio Code
  - VSCode Jest Debug
Agility
Agility
Services
Services
- Identity
  Identity
  - Overview
  - Integration
    Integration
    
    Overview
    
    Client Seeding
  - Building
  - Fundamentals
    Fundamentals
    
    Overview
    
    Authentication Fundamentals
    
    Identity Token and Claims
  - Conventions
    Conventions
    
    Overview
    
    AuthCode+PKCE
    
    mTLS
    
    Client Configuration
  - Signing Keys Signing Keys
    Table of contents
    
    Generating the x509 certificate
    
    Identity Signing Key Configuration
- Assets
  Assets
  - Overview
- BusinessRules
  BusinessRules
- DataLoader
  DataLoader
  - Overview
  - Integration
- DataManagement
  DataManagement
  - Overview
  - DataGathering
    DataGathering
    
    Overview
    
    Integration
- DataSeeder
  DataSeeder
  - Overview
  - Fundamentals
- DataSync
  DataSync
  - Overview
  - Fundamentals
    Fundamentals
    
    Overview
    
    Data Sharing
    
    Installation
    
    Rules
    
    Sequence number
    
    Working with databases
    
    Data Gathering
    
    Gateway
    
    File splitting/compression
    
    Replication properties
  - Contribution
  - Integration
    Integration
    
    Overview
    
    Templates
    
    Configuration
    
    Startup
    
    Engine runnning
- Departments
  Departments
  - Overview
  - Integration
    Integration
    
    Overview
- FileStorage
  FileStorage
  - Overview
  - Integration
    Integration
    
    Overview
    
    Backend FileManager
- iInspector
  iInspector
  - Development
    Development
    
    Adding Item Types
  - Migration
    Migration
    
    Naming
    
    Entities State
- Locations
  Locations
  - Overview
- Positions
  Positions
  - Overview
  - Fundamentals
    Fundamentals
    
    Overview
  - Integration
    Integration
    
    Overview
- Scheduler
  Scheduler
  - Integration
- Settings
  Settings
  - Overview
  - Integration
    Integration
    
    Client Module
    
    Contribution Module
    
    Spa Client Module
- SharingLevels
  SharingLevels
  - Integration
- Spares
  Spares
  - Overview
  - Integration
    Integration
    
    Overview
    
    Client Module
- Subscriptions
  Subscriptions
- Users
  Users
  - Fundamentals
  - Integration
- UxRoles
  UxRoles
  - Overview
  - Fundamentals
    Fundamentals
    
    Overview
    
    Folder Definitions
  - Integration
    Integration
    
    Overview
    
    UI
- Replication
  Replication
  - Overview
  - Routing
  - RabbitMQ
  - Integration
- RBAC
  RBAC
  - Overview
  - Fundamentals
- Scheduler
  Scheduler
  - Integration
  - Fundamentals
    Fundamentals
    
    Overview
    
    Schedule Types
    
    Scheduler Composition
    
    Differences With Core
  - Integration
    Integration
    
    Overview
    
    Schedule Creation
    
    Customizable Options
    
    Testing
- Components
  Components
  - Overview
  - Fundamentals
    Fundamentals
    
    Overview
  - Integration
    Integration
    
    Overview
- GeneralArrangements
  GeneralArrangements
  - Overview
  - Fundamentals
    Fundamentals
    
    Overview
  - Integration
    Integration
    
    Overview
    
    Optional services integration
- DeckPlan
  DeckPlan
  - Overview
  - Fundamentals
    Fundamentals
    
    Overview
    
    File Server
  - Integration
    Integration
    
    Overview
- Spare Requests
  Spare Requests
  - Overview
- Workflows
  Workflows
  - Overview
  - Fundamentals
    Fundamentals
    
    Workflow builder
    
    Workflow definitions
    
    Entities
    
    Actions
    
    Arguments
    
    States
    
    Transitions
  - Integration
- Applications
  Applications
- Emailing
  Emailing
- Time Zones
  Time Zones
- Legacy
  Legacy
  - Core Notifications Connector
    Core Notifications Connector
    
    Overview
    
    Fundamentals
RFCs
RFCs
- Custom Fields (v1)
Troubleshooting
Troubleshooting
- Kibana

Identity Signing Keys¶

IdentityServer requires signing and validation keys in order to sign and validate tokens.

The Suite Identity Service supports loading a PEM certificate for providing these keys in production, ideally through a kubernetes secret as current implemented in deployments

Generating the x509 certificate¶

Bash
# Generate the public key
openssl genrsa -out signing-key.priv.pem 1024

# Generate the private key
openssl req -new -x509 -key signing-key.priv.pem -out signing-key.pub.pem

Identity Signing Key Configuration¶

To configure the Identity Service to use a PEM Certificate public and private key we can use the SuiteIdentityOptions.SigningCredentialsPublicKeyPath and SuiteIdentityOptions.SigningCredentialsPrivateKeyPath.