We are working with a partner who has provided a public key which needs to be used to encrypt a JSON Web Token (JWT), thus becoming a JWE.
Previous discussions with CA support have indicated that the CA API Gateway is not capable of doing this.
Has anyone been able to make this work?
Example of the Public Key format (note: NOT a Public Cert):
-----BEGIN PUBLIC KEY-----
MIIBIjANBxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
-----END PUBLIC KEY-----
We have tried populating this in a context variable as follows (note: not a certificate, so we cannot import this in the Manage certificates screen):
Usage of the key in Encode Json Web Token properties:
Our 3rd party has indicated the following
Algorithm | Encryption | Key Size |
---|
RSA-OAEP | A256CBC-HS512 | 2048 |
Error in Gateway Audit Events: