...
...
...
...
...
...
...
...
Comment: Remember to update the release version number before publishing externally.
| Info |
|---|
This article includes updates for Smart ID IdentityManager 24.R1 or later. |
Attestation keys are keypairs. The private keys are used by Smart ID Mobile App and Smart ID Desktop App to sign Certification Signing Requests (CSR) while the public keys are used by Smart ID Identity Manager to verify the requests.
...
Copy the created keystore to a location where Identity Manager can access it.
Edit the sign and encrypt engine's configuration and create a new key entry referencing the keystore.
Create a new descriptor entry referencing this key entry. The name of the descriptor must be exactly the same as it is named in the Smart ID mobile or personal app, prepended with the string "att_". The key name is denoted "kid" in the key material, so in the example above you need to set it to "att_attestation_key_id" David Banzdoes personal mean Personal Desktop Client here or Smart ID Desktop App?
To use new keys for an existing descriptor, create a new descriptor or key entry with an incremented version. Signatures will be validated against all versions of the key, until a valid one is found. This is useful in case some clients still have the old keys.
...