diff options
Diffstat (limited to 'id/server/data/deploy/conf/moa-id/eIDAS/EncryptModule.xml')
| -rw-r--r-- | id/server/data/deploy/conf/moa-id/eIDAS/EncryptModule.xml | 24 |
1 files changed, 21 insertions, 3 deletions
diff --git a/id/server/data/deploy/conf/moa-id/eIDAS/EncryptModule.xml b/id/server/data/deploy/conf/moa-id/eIDAS/EncryptModule.xml index 9fef4fa2e..46052053a 100644 --- a/id/server/data/deploy/conf/moa-id/eIDAS/EncryptModule.xml +++ b/id/server/data/deploy/conf/moa-id/eIDAS/EncryptModule.xml @@ -3,14 +3,32 @@ <properties> <comment>SWModule encrypt with JKS.</comment> - <entry key="keystorePath">keys/eidasKeyStore.jks</entry> + + <entry key="check_certificate_validity_period">false</entry> + <entry key="disallow_self_signed_certificate">false</entry> + <entry key="response.encryption.mandatory">false</entry> + + <!-- Data Encryption algorithm --> + <entry key="data.encryption.algorithm">http://www.w3.org/2009/xmlenc11#aes256-gcm</entry> + + <!-- Decryption algorithm Whitelist--> + <entry key="encryption.algorithm.whitelist"> + http://www.w3.org/2009/xmlenc11#aes128-gcm; + http://www.w3.org/2009/xmlenc11#aes256-gcm; + http://www.w3.org/2009/xmlenc11#aes192-gcm + </entry> + + <!-- Key Encryption algorithm --> + <entry key="key.encryption.algorithm">http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p</entry> + + <entry key="keyStorePath">keys/eidasKeyStore.jks</entry> + <entry key="keyStoreType">JKS</entry> <entry key="keyStorePassword">local-demo</entry> <entry key="keyPassword">local-demo</entry> <!-- Management of the encryption activation --> <entry key="encryptionActivation">eIDAS/encryptionConf.xml</entry> - <entry key="responseToPointIssuer.BE">CN=local-demo-cert, OU=DIGIT, O=European Comission, L=Brussels, ST=Belgium,C=BE</entry> <entry key="responseToPointSerialNumber.BE">54C8F779</entry> @@ -18,5 +36,5 @@ <entry key="responseDecryptionIssuer">CN=local-demo-cert, OU=DIGIT, O=European Comission, L=Brussels, ST=Belgium, C=BE</entry> <entry key="serialNumber">54C8F779</entry> - <entry key="keystoreType">JKS</entry> + </properties>
\ No newline at end of file |