top of page
Search
  • admin

Generate JSON Web Token from a PKCS#12 X509Certificate

Following from my previous post Generate JSON Web Key from a PKCS#12 X509Certificate, here is how to sign a JSON Web Token (JWT) using the private key of a PKCS#12 certificate file.


The public key was supplied to the authorisation party as JSON Web Key. Subsequent new content submissions are then signed using the private key of the same certificate file and supplied as JSON Web Token. The receiving party will use the public key previously received to decode and verify the new content received.


Using the same certificate previously generated in Azure Key Vault, extract the private key for signing the JWT. The result is a string of signed JWT.

//initialise the Secret client connection to Azure Key Vault.
var secretClient = new SecretClient(new Uri("https://ivsdev-mykeyvault.vault.azure.net/"), new DefaultAzureCredential());

//retrieve the certificate content to initialise the X509Certificate instance.
var secretValue = secretClient.GetSecret("MyFirstCertificate");
var certificateString = secretValue.Value.Value;
var certificate = new X509Certificate2(Convert.FromBase64String(certificateString));            

//extract the RSA private key.
var privateKey = certificate.GetRSAPrivateKey();
var rsaSecurityKey = new RsaSecurityKey(privateKey);

//initialise the header using the private key, and signing algorithm.
var header = new JwtHeader(new SigningCredentials(rsaSecurityKey, SecurityAlgorithms.RsaSha256));
header.Add("kid", "my key id value");

//specify the attribute values of the payload
var payload = new JwtPayload();
payload.Add("iss", "The value of issuer");
payload.Add("iat", "The value of 'issued at'");
payload.Add("exp", "The value of expiration");

//initialise the token with the header and payload, and generate the JSON Web Token string.
var token = new JwtSecurityToken(header, payload);
var handler = new JwtSecurityTokenHandler();
var jwtString = handler.WriteToken(token);

That's all for this post.

0 comments

Recent Posts

See All

Using FetchXmlBuilder to generate OData query

Quite often, we need to specify the attributes to select or the filter conditions on related entities in DataVerse connector in Microsoft Flow. Expand Query is exactly where we can specify those. Howe

Adding custom PCF control to Dynamics 365 CE form

PCF Gallery (https://pcf.gallery/) has a great list of PCF controls available to use - both free and payable controls. Once you have imported the solution to your Dynamics 365 environment, you have to

bottom of page