我们将IdentityServer4与.NET Core Web应用程序一起使用(“ http://docs.identityserver.io/en/release/quickstarts/0_overview.html ”)。我们已替换AddDeveloperSigningCredential为AddSigningCredential(CreateSigningCredential())。由于我们不能AddDeveloperSigningCredential用于生产环境,因为生产中需要用一些持久的密钥材料代替。我们是IdentityServer4的新手,我们的问题是,以下方法可以在生产环境中创建签名凭证吗?还是我们需要对此进行一些更改?
这是我们的startup.cs文件:
public void ConfigureServices(IServiceCollection services)
{
services.AddSingleton<IConfiguration>(Configuration);
//connection string
string connectionString = Configuration.GetConnectionString("IdentityServer");
var migrationsAssembly = typeof(Startup).GetTypeInfo().Assembly.GetName().Name;
services.AddIdentityServer().AddDeveloperSigningCredential
.AddSigningCredential(CreateSigningCredential())
// this adds the config data from DB (clients, resources)
.AddConfigurationStore(options =>
{
options.ConfigureDbContext = builder =>
builder.UseSqlServer(connectionString,
sql => sql.MigrationsAssembly(migrationsAssembly));
}) // this adds the operational data from DB (codes, tokens, consents)
.AddOperationalStore(options =>
{
options.ConfigureDbContext = builder =>
builder.UseSqlServer(connectionString,
sql => sql.MigrationsAssembly(migrationsAssembly));
// this enables automatic token cleanup. …