Tags: c#, asp.net, asp.net-core, identityserver4, duende-identity-server

Identity Server still including in-memory keys in discovery doc after providing custom implementation of ISigningCredentialStore


I'm working on an app that uses the IdentityServer6 library. Out of the box this seems to use a pair of in-memory signing keys which I can see in the jwks discovery doc when run locally.

I've now provided a custom implementation of ISigningCredentialStore and IValidationKeysStore to load my own key pair from an external source. These I've registered as per the docs like this:

builder.Services.AddSingleton<ISigningCredentialStore, MySigningCredentialStore>();
builder.Services.AddSingleton<IValidationKeysStore, MyValidationKeysStore>();

However, when I run this I now get the original pair of keys, plus my own two in the discovery doc, so four in total. So how can I stop IdentityServer using its own keys?


Solution

  • OK, I worked this out. Needed to set KeyManagement.Enabled to false in the options for AddIdentityServer.