IdentityServer4 AddSignerCredentials RSA example

Published 2020-06-29 02:23

Question:

Getting ready to move our IdentityServer4 setup from dev to test and I need to get the AddSignerCredentials() piece migrated from AddDeveloperCredentials(). I can generate a private and public RSASecurityKey but I'm unclear as to what RsaSecurityKey to pass to AddSignerCredentials(). The discovery endpoint somehow knows about the public key, but we'd want to sign tokens with the private key. Neither seems to work.

Is there an example of how to use this somewhere in the documentation that I missed?

Answer 1:

1. Use OpenSSL to create the certificate using the following demo commands in your command prompt:

openssl req -x509 -newkey rsa:4096 -sha256 -nodes -keyout IdentityServer4.key -out IdentityServer4.crt -subj "/CN=IdentityServer4.com" -days 3650
openssl pkcs12 -export -out IdentityServer4.pfx -inkey IdentityServer4.key -in IdentityServer4.crt -certfile IdentityServer4.crt

2. Install that certificate to your current user profile.

3. Replace AddDeveloperSigningCredential() with

AddSigningCredential("ThumbprintOfCertificate", StoreLocation.CurrentUser, NameType.Thumbprint)

That's it.
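
An added example, not part of the original answer or the IdentityServer4 project: the same thumbprint lookup done explicitly, so startup fails with a clear message when the installed certificate is missing, lacks its private key, has a weak key or is outside its validity period. The `SigningCertificate` helper, the 2048-bit minimum and the thumbprint value are assumptions made for illustration.

```csharp
using System;
using System.Security.Cryptography.X509Certificates;
using Microsoft.Extensions.DependencyInjection;

public static class SigningCertificate   // hypothetical helper, not an IdentityServer4 type
{
    public static X509Certificate2 Load(string thumbprint)
    {
        using var store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
        store.Open(OpenFlags.ReadOnly);

        // validOnly: false, because a self-signed certificate does not chain to a trusted root.
        var found = store.Certificates.Find(X509FindType.FindByThumbprint, thumbprint, validOnly: false);
        if (found.Count == 0)
            throw new InvalidOperationException($"No certificate {thumbprint} in CurrentUser\\My.");

        var cert = found[0];

        // Tokens are signed with the private key; importing only the .crt leaves the public half.
        if (!cert.HasPrivateKey)
            throw new InvalidOperationException("Certificate has no private key; import the .pfx.");

        using (var rsa = cert.GetRSAPrivateKey())
        {
            // Assumed policy for this example: RSA keys of at least 2048 bits.
            if (rsa == null || rsa.KeySize < 2048)
                throw new InvalidOperationException("Signing key must be RSA with 2048 bits or more.");
        }

        var now = DateTime.Now;   // NotBefore and NotAfter are reported in local time
        if (now < cert.NotBefore || now > cert.NotAfter)
            throw new InvalidOperationException("Signing certificate is outside its validity period.");

        return cert;
    }
}

public class Startup
{
    // Constructed placeholder: replace with the thumbprint of the certificate installed in step 2.
    private const string Thumbprint = "REPLACE_WITH_CERTIFICATE_THUMBPRINT";

    public void ConfigureServices(IServiceCollection services)
    {
        // The certificate passed here carries the private key used for signing;
        // only its public key is published through the discovery endpoint's key set.
        services.AddIdentityServer()
            .AddSigningCredential(SigningCertificate.Load(Thumbprint));
    }
}
```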