Hi, hope someone can help!
I am running Keycloak 20.0.2 and testing using it to authenticate to Cloudflare Zero Trust using SAML. Everything works fine when Client signature required is disabled in Keycloak, but I can’t get it to work when enabled.
Cloudflare only seems to allow the use of their provided public key for client signatures and I cannot add it in Keycloak. The only option appears to be the creation of public/private key pairs which are no use in this case as you cannot use your own keys in Cloudflare for client side signing.
Even if I try just generating them and then importing the PEM cert after - the displayed public key does not change and SAML won’t work. If you disable Client signature required then re-enable and choose to import, PEM is not an option and it seems to allow import of key pairs.
I have searched everywhere but cannot find the answer, does anyone have any advice please? Thanks so much!