IMPORTANT: Upcoming breaking changes in UAA V23/3.9.2/cf-release 248


Geoff Franks <geoff@...>
 

FYI for clients using UAA + BOSH, or other UAA customizations

Begin forwarded message:

From: Sree Tummidi <stummidi(a)pivotal.io>
Subject: [cf-dev] IMPORTANT: Upcoming breaking changes in UAA V23/3.9.2/cf-release 248
Date: November 28, 2016 at 1:56:00 PM EST
To: "stummidi(a)pivotal.io" <stummidi(a)pivotal.io>
Reply-To: "Discussions about Cloud Foundry projects and the system overall." <cf-dev(a)lists.cloudfoundry.org>

Please read carefully if you are using UAA as standalone or as a bosh release or part of cf-release.


Starting with UAA bosh release V23 <http://bosh.io/releases/github.com/cloudfoundry/uaa-release?version=23>, which packages UAA 3.9.2 <https://github.com/cloudfoundry/uaa/releases/tag/3.9.2>, and cf-release 248 (in the works), the following properties have been made required.

These are standard artifacts which can be generated using openssl. Please refer to the topic here <https://github.com/cloudfoundry/uaa-release#generating-a-self-signed-certificate> on how to generate a self-signed cert.


login.saml.serviceProviderCertificate:
  description: "UAA SAML Service provider certificate. This is used for signing outgoing SAML Authentication Requests"
  example: |
    -----BEGIN CERTIFICATE-----
    -----END CERTIFICATE-----

login.saml.serviceProviderKey:
  description: "Private key for the service provider certificate."
  example: |
    -----BEGIN RSA PRIVATE KEY-----
    -----END RSA PRIVATE KEY-----


uaa.jwt.policy.keys:
  description: "Map of key IDs and signing keys, each defined with a property `signingKey`"
  example:
    key-1:
      signingKey: |
        -----BEGIN RSA PRIVATE KEY-----
        -----END RSA PRIVATE KEY-----

uaa.jwt.policy.active_key_id:
  description: "The ID of the JWT signing key to be used when signing tokens."
  example: "key-1"


Thanks,
Sree Tummidi
Staff Product Manager
Identity - Pivotal Cloud Foundry
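
An added example, not part of the original message and not UAA code: a pre-deploy check over manifest properties (already parsed into a nested dict) that reports any of the four required properties that are missing, PEM text whose BEGIN/END lines do not match, and an active_key_id that names no entry in uaa.jwt.policy.keys. The function names, the dict input and the sample values are assumptions made for illustration.

```python
import re

# The four properties the announcement lists as newly required (dotted paths).
REQUIRED = ("login.saml.serviceProviderCertificate", "login.saml.serviceProviderKey",
            "uaa.jwt.policy.keys", "uaa.jwt.policy.active_key_id")
# BEGIN and END labels must match and both need exactly five dashes on each side.
PEM = re.compile(r"\A-----BEGIN ([A-Z ]+)-----\n(.*\n)?-----END \1-----\Z", re.S)

def lookup(props, dotted):
    """Walk a nested dict by dotted path; None if any level is absent."""
    node = props
    for part in dotted.split("."):
        if not isinstance(node, dict) or part not in node:
            return None
        node = node[part]
    return node

def is_pem(value, suffix):
    """True if value is PEM text with matching labels that end in `suffix`."""
    m = PEM.match(value.strip()) if isinstance(value, str) else None
    return bool(m) and m.group(1).endswith(suffix)

def check_uaa_properties(props):
    """Return a list of problems; empty means the required properties are usable."""
    problems = [f"missing: {p}" for p in REQUIRED if not lookup(props, p)]
    for path, suffix in ((REQUIRED[0], "CERTIFICATE"), (REQUIRED[1], "PRIVATE KEY")):
        value = lookup(props, path)
        if value and not is_pem(value, suffix):
            problems.append(f"malformed PEM: {path}")
    keys = lookup(props, REQUIRED[2])
    keys = keys if isinstance(keys, dict) else {}
    for kid, entry in keys.items():
        signing = entry.get("signingKey") if isinstance(entry, dict) else None
        if not signing:
            problems.append(f"no signingKey: uaa.jwt.policy.keys.{kid}")
        # Assumption: only PEM-looking values are format-checked.
        elif signing.lstrip().startswith("-----") and not is_pem(signing, "PRIVATE KEY"):
            problems.append(f"malformed PEM: uaa.jwt.policy.keys.{kid}")
    active = lookup(props, REQUIRED[3])
    if active and active not in keys:
        problems.append(f"active_key_id {active!r} not in uaa.jwt.policy.keys")
    return problems

# Constructed sample: placeholder key material, with the END line one dash short.
FAKE_KEY = "-----BEGIN RSA PRIVATE KEY-----\nCONSTRUCTED\n-----END RSA PRIVATE KEY-----\n"
SAMPLE = {
    "login": {"saml": {
        "serviceProviderCertificate": "-----BEGIN CERTIFICATE-----\nCONSTRUCTED\n-----END CERTIFICATE----\n",
        "serviceProviderKey": FAKE_KEY}},
    "uaa": {"jwt": {"policy": {"keys": {"key-1": {"signingKey": FAKE_KEY}},
                               "active_key_id": "key-2"}}},
}
```

Feed it the `properties` section of the deployment manifest after loading it with a YAML parser; any returned line points at a property to fix before deploying.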
