From 23de967334a5f7f2f2daa60884d550e5bd27767e Mon Sep 17 00:00:00 2001
From: Frederick Muriuki Muriithi
Date: Mon, 22 Apr 2024 11:37:36 +0300
Subject: Separate clients' keys from authorisation server's key

The authorisation server uses its key to sign any token it generates.

It uses the clients' public keys to validate any assertions it
receives from a client using the client's public key.
---
 gn_auth/settings.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'gn_auth/settings.py')

diff --git a/gn_auth/settings.py b/gn_auth/settings.py
index 59f3eec..489f72d 100644
--- a/gn_auth/settings.py
+++ b/gn_auth/settings.py
@@ -29,6 +29,6 @@ CORS_HEADERS = [
     "Access-Control-Allow-Credentials"
 ]
 
-# OpenSSL Key-Pair
-SSL_KEY_PAIR_PRIVATE_KEY = ""
-SSL_KEY_PAIR_PUBLIC_KEY = ""
+# OpenSSL keys
+CLIENTS_SSL_PUBLIC_KEYS_DIR = "" # keys from registered clients
+SSL_PRIVATE_KEY = "" # authorisation server primary key
-- 
cgit v1.2.3