WSO2 Open Banking Accelerator is a collection of technologies that increases the speed and reduces the complexity of adopting open banking compliance. Instead of building a solution from scratch, you can use WSO2 Open Banking Accelerator to meet all legislative requirements with additional benefits beyond compliance.
Apache License 2.0
7
stars
21
forks
source link
Need to do expiry validation for MTLS certificates at the token endpoint #45
Description:
Currently the token endpoint MTLS certificate validation only verifies the presence of MTLS certificate. The current implementation accepts any certificate irrespective of whether it is expired or not. In the Gateway MTLS validation, this has handled properly. A similar validation needs to be added to the Identity server token endpoint as well.
Affected Product Version: OB 3.0.0
OS, DB, other environment details and versions:
Steps to reproduce:
Related Issues:
[Any related issues such as sub tasks, issues reported in other repositories (e.g component repositories), similar problems, etc. ]
Description: Currently the token endpoint MTLS certificate validation only verifies the presence of MTLS certificate. The current implementation accepts any certificate irrespective of whether it is expired or not. In the Gateway MTLS validation, this has handled properly. A similar validation needs to be added to the Identity server token endpoint as well.
Affected Product Version: OB 3.0.0
OS, DB, other environment details and versions:
Steps to reproduce:
Related Issues: [Any related issues such as sub tasks, issues reported in other repositories (e.g component repositories), similar problems, etc. ]