Blueprint Developer Manual / Version 2207
Table Of Contents
The signCookie.privateKey and signCookie.publicKey properties are used to configure a RSA key pair that is used to recognize returning unknown visitors via a signed token.
The token is created and verified by com.coremedia.blueprint.elastic.social.cae.guid.GuidCookieHandler.
Private and public key must be set via Spring Settings for all deployed blueprint CAE instances.
The recommended way to create a key pair is to use external tools like OpenSSL. To generate a key pair with OpenSSL follow these steps:
Generate Private Key:
openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out private-key.pemShow Private Key:
openssl pkey -in private-key.pem -textGenerate corresponding Public Key:
openssl pkey -in private-key.pem -out public-key.pem -puboutShow Public Key:
openssl pkey -in public-key.pem -pubin -text
Another possible way to generate a key pair is to create a custom JVM based tool using the Java standard library classes
java.security.KeyFactory and java.security.KeyPairGenerator.
A third but less recommended way is to simply not configure these keys, start your CAE instance and then copy the key pair from that CAE's log file. The generated key pair is logged at level WARN.
