How to provide Knox public key to clients to use KnoxSSO if it's multiple instanses of Knox in HA mode

Question

What I've done

1. I have set up Knox instances with KnoxSSO and with the same master secrets, accessable through nginx balancer
2. I have set up Zeppelin with shiro definding in knoxJwtRealm.publicKeyPath one of Knox instance's public key

It works fine while Zeppelin connecting to this instance of Knox. But when it switches to another instance I get an error:

KnoxJwtRealm.java[validateToken]:118) - Signature of JWT token could not be verified. Please check the public key

So, is it possible to use KnoxSSO with multiple instances of Apache Knox and how to achieve that?

Answer 1

I have found answer here Creating one wildcard certificate and get it to all Knox instances resolved the problem.