We are working with a partner who has provided a public key which needs to be used to encrypt a JSON Web Token (JWT), thus becoming a JWE.
Previous discussions with CA support have indicated that the CA API Gateway is not capable of doing this.
Has anyone been able to make this work?
Example of the Public Key format (note: NOT a Public Cert):
-----BEGIN PUBLIC KEY-----MIIBIjANBxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx-----END PUBLIC KEY-----
We have tried populating this in a context variable as follows (note: not a certificate, so we cannot import this in the Manage certificates screen):
Usage of the key in Encode Json Web Token properties:
Our 3rd party has indicated the following:
Error in Gateway Audit Events:
Building on the work done in this community post (Encode json web token properties), which also links this document (How to sign a payload using Encode JSON web token - CA Knowledge), I used the policy from the document to build out a new policy that takes a variable with the Base64 of the RSA Public Key (in this case stored in a variable, but it can be extracted from any source) and decodes it into a certificate variable to be used in the Encode JSON Web Token assertion.
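For checking a gateway-produced token independently, here is an added example (not part of the original posts and not CA API Gateway policy) that builds a compact JWE directly from a `BEGIN PUBLIC KEY` PEM with Node.js's built-in crypto module and confirms the round trip. The algorithms (RSA-OAEP-256 with A256GCM), the function names, the generated key pair and the sample JWT are assumptions; the thread does not say which algorithms the partner requires.

```javascript
const nodeCrypto = require('node:crypto');
const b64u = (buf) => Buffer.from(buf).toString('base64url');
const OAEP = { padding: nodeCrypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Encrypt a JWT to the holder of an RSA public key (JWE compact serialization, RFC 7516).
// Assumed algorithms: alg=RSA-OAEP-256 (key wrap), enc=A256GCM (content encryption).
function encryptJwe(publicKeyPem, payload) {
  // A bare SubjectPublicKeyInfo PEM is enough here; no certificate is required.
  const key = nodeCrypto.createPublicKey(publicKeyPem);
  if (key.asymmetricKeyType !== 'rsa') throw new Error('expected an RSA public key');
  const header = b64u(JSON.stringify({ alg: 'RSA-OAEP-256', enc: 'A256GCM', cty: 'JWT' }));
  const cek = nodeCrypto.randomBytes(32); // fresh content-encryption key per token
  const iv = nodeCrypto.randomBytes(12);  // 96-bit GCM nonce
  const wrapped = nodeCrypto.publicEncrypt({ key, ...OAEP }, cek);
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', cek, iv);
  cipher.setAAD(Buffer.from(header, 'ascii')); // protected header is authenticated
  const ct = Buffer.concat([cipher.update(payload, 'utf8'), cipher.final()]);
  return [header, b64u(wrapped), b64u(iv), b64u(ct), b64u(cipher.getAuthTag())].join('.');
}

// Recipient side, used here only to confirm that the token decrypts and authenticates.
function decryptJwe(privateKeyPem, jwe) {
  const parts = jwe.split('.');
  if (parts.length !== 5) throw new Error('not a compact JWE');
  const [header, wrapped, iv, ct, tag] = parts;
  const { alg, enc } = JSON.parse(Buffer.from(header, 'base64url').toString('utf8'));
  if (alg !== 'RSA-OAEP-256' || enc !== 'A256GCM') throw new Error('unexpected alg/enc');
  const cek = nodeCrypto.privateDecrypt({ key: privateKeyPem, ...OAEP }, Buffer.from(wrapped, 'base64url'));
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', cek, Buffer.from(iv, 'base64url'));
  decipher.setAAD(Buffer.from(header, 'ascii'));
  decipher.setAuthTag(Buffer.from(tag, 'base64url'));
  const pt = Buffer.concat([decipher.update(Buffer.from(ct, 'base64url')), decipher.final()]);
  return pt.toString('utf8'); // final() throws if the tag does not verify
}

// Constructed key pair and JWT standing in for the partner's key and the real token.
function demo() {
  const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('rsa', {
    modulusLength: 2048,
    publicKeyEncoding: { type: 'spki', format: 'pem' },
    privateKeyEncoding: { type: 'pkcs8', format: 'pem' },
  });
  const jwt = 'eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJkZW1vIn0.c2lnbmF0dXJl'; // signature is a dummy
  const jwe = encryptJwe(publicKey, jwt);
  return { publicKey, privateKey, jwt, jwe, roundTrip: decryptJwe(privateKey, jwe) };
}
```

A token produced elsewhere with the same `alg` and `enc` should have the same five-part shape, with a 256-byte encrypted key segment for a 2048-bit RSA key.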