Information about SSL Certificates #51
Description
We had a change in the SSL certificate and received the Chain Intermediate separate from *.crt. The Token and WellKnow endpoints (in some RPs) were inaccessible. I didn't check Userinfo's answer. The other plugins like SAML backend and SAML frontend worked.
As Satosa uses Nginx we solved the problem by injecting the intermediate certificate chain into *.crt. It's a simple and well-known solution when dealing with nginx, but it would be interesting to add this information to the documentation.
I mentioned this situation in an email to Giuseppe De Marco last year and I didn't respond to him about the solution. But I think it's interesting to take it to the satosa-oidcop documentation.