Identity Server 4 - IDX10630: PII is hidden

Bojan · Nov 12, 2018 · Viewed 21.3k times

I'm fairly new to using encryption and RSA tokens, and I'm trying to get IdentityServer4 to not use the developer signing, but one of my own. Here is what I have tried so far:

var keyInfo = new RSACryptoServiceProvider().ExportParameters(true);
var rsaSecurityKey = new RsaSecurityKey(new RSAParameters
{
    D = keyInfo.D,
    DP = keyInfo.DP,
    DQ = keyInfo.DQ,
    Exponent = keyInfo.Exponent,
    InverseQ = keyInfo.InverseQ,
    Modulus = keyInfo.Modulus,
    P = keyInfo.P,
    Q = keyInfo.Q
});

services.AddIdentityServer()
    .AddSigningCredential(rsaSecurityKey)
    .AddInMemoryPersistedGrants()
    .AddInMemoryIdentityResources(Config.GetIdentityResources())
    .AddInMemoryApiResources(Config.GetApiResources())
    .AddInMemoryClients(Config.GetClients())
    .AddAspNetIdentity<User>();

However, when I run IdentityServer4 and I get redirected to the sign-in page from another website, I get the following error:

IDX10630: The '[PII is hidden]' for signing cannot be smaller than '[PII is hidden]' bits. KeySize: '[PII is hidden]'. Parameter name: key.KeySize

I have to admit, I've been on this all weekend, trying to figure out how to use SigningCredentials and I'm not really sure what I've done wrong above.

Answer

user1069816 · Apr 26, 2019

You can see more details in development by adding the following to Configure() in the Startup class:

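// Requires: using Microsoft.IdentityModel.Logging;
if (env.IsDevelopment())
{
    // Show the real values in IdentityModel exception messages instead of "[PII is hidden]".
    IdentityModelEventSource.ShowPII = true;
}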
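
An added example, not part of the original question or answer: the key in the question comes from `new RSACryptoServiceProvider()`, which takes the provider's default key size, so this helper requests the size explicitly and checks it at startup instead of at the first sign-in. The 2048-bit minimum and the `SigningKeys` class and method names are assumptions; the error message on the page hides the actual values.

```csharp
using System;
using System.Security.Cryptography;
using Microsoft.IdentityModel.Tokens;

// Hypothetical helper class (not part of IdentityServer4 or Microsoft.IdentityModel).
public static class SigningKeys
{
    // Assumption: 2048 bits is the minimum accepted for RSA signing keys.
    // Turn on ShowPII in development to read the real limit from IDX10630.
    public const int MinimumRsaSigningKeyBits = 2048;

    // Create an RSA key with an explicit size instead of the provider default.
    public static RsaSecurityKey Create(int keySizeInBits = MinimumRsaSigningKeyBits)
    {
        if (keySizeInBits < MinimumRsaSigningKeyBits)
            throw new ArgumentOutOfRangeException(nameof(keySizeInBits),
                $"RSA signing keys must be at least {MinimumRsaSigningKeyBits} bits.");

        using (var rsa = new RSACryptoServiceProvider(keySizeInBits))
        {
            // true = include the private parameters; the key has to sign tokens.
            return new RsaSecurityKey(rsa.ExportParameters(true));
        }
    }

    // Reject an undersized key when the application starts, with the sizes
    // in the message, rather than on the first token request.
    public static RsaSecurityKey EnsureLargeEnough(RsaSecurityKey key)
    {
        if (key == null) throw new ArgumentNullException(nameof(key));
        if (key.KeySize < MinimumRsaSigningKeyBits)
            throw new InvalidOperationException(
                $"Signing key is {key.KeySize} bits; need at least {MinimumRsaSigningKeyBits}.");
        return key;
    }
}

// Usage in ConfigureServices, replacing the key construction from the question:
//
//   var rsaSecurityKey = SigningKeys.EnsureLargeEnough(SigningKeys.Create());
//   services.AddIdentityServer()
//       .AddSigningCredential(rsaSecurityKey);
//
// A key generated at startup changes on every restart, so tokens issued before
// a restart no longer validate; load a stored key for anything beyond local testing.
```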