Using 'Live' and 'Test' keys

From RavenWiki
Jump to navigationJump to search

The Test and Demonstration authentication server documentation contains dire warnings that "It is vital to keep these demo keys separate from keys used with a production service". But is it possible to have, for example, one virtual host using the demo Raven system, as well as a separate virtualHost using the production Raven system?

Ucam Webauth authentication response messages are signed and include the identifier of the private key used to sign them. Application agents such as mod_ucam_webauth will accept a response message as valid providing they have access to the corresponding public key and the signature is correct. If mod_ucam_webauth is configured to look for keys in a directory that includes the demo key then it will automatically accept as valid messages that anyone can forge, because the demo 'private' key is published.

While normally defaulted, the location of the directory which mod_ucam_webauth searches to find keys is configurable (see the AAKeyDir directive). Providing this directive is used so that different virtual hosts are configured to accept different keys then it's possible to have both production and test protection safely on the same physical machine. Essentially you should be safe providing the 'live' and 'test' keys never appear in the same keys directory.