...
oneid.oauth2.keystore=/var/lib/tomcat8/certs/oauth_pst.jks
oneid.oauth2.keystore.password=changeme
oneid.oauth2.keystore.alias=oscar pst
oneid.oauth2.verifyTokens=true
oneid.oauth2.certsUrl=https://login.pst.oneidfederation.ehealthontario.ca/oidc/connect/jwk_uri
oneid.oauth2.logoutUrl=https://login.pst.oneidfederation.ehealthontario.ca/oidc/logout
This is your certificate to access oauth2 on the back channel once the callback.jsp is called.
...
#gateway settings
oneid.consumerKey=<provided_by_ehealth>
oneid.consumerSecret=<provided_by_ehealth>
oneid.gateway.url=https://provider.pst.ehealthontario.ca/api2/fhir/Immunization
oneid.gateway.keystore=/var/lib/tomcat8/certs/pst.jks
oneid.gateway.keystore.password=changeme
oneid.gateway.dhir.submissionUrl=https://provider.pst.ehealthontario.ca/api2/fhir/$process-message
These are the oauth consumer key / secret values and the keystore for accessing the provider gateway (provider gateway is the “hial”, or the gateway to the resources).
...
#enable CVC
cvc.url=https://cvc.canimmunize.ca/v3
Certificates
Create a key pair (for JWT signing)
convert to P12 file , then extract cert
openssl pkcs12 -in yourP12File.pfx -clcerts -nokeys -out publicCert.pem