upgrade test cert for Nexus

[ohetrifork]

Hi @LindaLawtonDk Do you have any wishes for deployment time? We usually take changes to "PreCAB meetings" on Tuesdays (too late for today, though), and can proceed with deployments the following Thursday. EDIT: Oh, I see this is your production key - I though it was for test. Production date still remains to be scheduled for the KLChildren implementation guide. I will keep you updated

[LindaLawtonDk]

We are having issues getting test working. We were told that we needed to use the production key in test.

So the production key has now been configured in test as well as production in Kombit. It appears to be working as we are getting a subject token back from them now. Which is better then we got with the original test key we had on the system.

We just need you to register it in test so that we can use the same key there. Please do it ASAP as I am currently road blocked unable to send requests to the test server.

Please note that i really don't understand why you would require the production key to work in test. For security reasons it would be great to have two separate keys.

[ohetrifork]

Hi @LindaLawtonDk I don't think we require you to use production keys on the test environment. That hasn't been the case for any other client systems. There is no technical issue adding your production key to the test environment, but it might be because you have supplied your production key to the Serviceplatform exttest environment? We only accept tokens from the exttest STS on our test environment. Please confirm, if you still want your production key added to our test environment

[LindaLawton]

Apparently there may have been some miss communication.

A test certificate was created for us that we can't use. So we decided to try with the production certificate. Thinking that's what they meant.

Hold of while we have a new production certificate create that can be registered in kombit and then added as A new test certificate here.

At least I think that's what we are doing, still going through several people before it gets too me. 🤞

Linda

[LindaLawtonDk]

This should be "a production cert" but not "the production cert". For test. Kombit is down so we have not added it to their system.

[ohetrifork]

I'll arrange a service window for doing the update

[ohetrifork]

I have a window from 13-14 today for doing the update. I'll write here once it's done

[LindaLawtonDk]

thank you so much for getting this pushed though for us.

[ohetrifork]

New public key is now active on the test environment

[LindaLawtonDk]

unfortunately its still not working we cant contact test. Does this error message mean anything to you?

[13:11:21 WRN] Access token request failed {"error":"invalid_client","error_description":"Unable to load public key"} [13:11:21 WRN] Failed to request access token 361000016006:67284DA7-F14C-4A97-862D-9B281DFB0538 report not sent {"error":"invalid_client","error_description":"Unable to load public key"}

We are not having any issues with production we are just trying to set up a new dev and test environments and connect to the test server

[ohetrifork]

@nigtrifork do you know the reason behind the error above?

[ohetrifork]

Damn... this one's on me. I changed the wrong key. Service window is still open. I'll give it a new go

[LindaLawtonDk]

I was thinking maybe we forgot to add it to someplace :/

[ohetrifork]

The right key has been updated now - please give it a new try.

[LindaLawtonDk]

thank you thank you thank you its working