Reputation: 201
I am new to this concept of SAML certificates.
I am currently working on configuring an SSO for a website and need to know how I can generate a SAML certificate. The setup I am using for this website is not via Azure, but directly from the vendor site, and they are requesting my SAML certificate. Do I need a special tool to do this? And does it need to be registered before sending it out?
Upvotes: 7
Views: 17333
Reputation: 1439
Some identity providers will generate the public key and certificate for you.
Keycloak does this and will allow you to copy it in the Realm settings.
Upvotes: 1
Reputation: 17566
There's no such thing as a SAML certificate. SAML uses self-signed X.509 certificates that can be generated manually using openssl. There are a number of tutorials on the web on how to create such a certificate.
Upvotes: 7
Reputation: 5703
Run the command below to create the certificate, e.g.:
keytool -genkey -alias saml -dname "CN=mydomain.com, C=NO" -keystore saml-keystore -keyalg RSA -validity 730 -keysize 2048
Send the public certificate to the SAML Consumer party
The SAML Consumer needs to know the public part of your certificate. You may export the public part of the certificate and send this.
keytool -export -rfc -keystore saml-keystore -alias saml -file saml-cert.public
Here are the whole details as well. There are also other online tools that help create a certificate online, like samltool.
Upvotes: 10
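The two steps the answers describe (create a self-signed key pair, then hand over only the public certificate), written with openssl as an added example that is not from any of the posts. The function names, file names and the CN value are assumptions; the checks confirm that the file going to the vendor holds no private key and belongs to the key you kept.

```shell
#!/usr/bin/env bash
# Added example. File names (saml-key.pem, saml-cert.pem) are assumptions.

# Create a 2048-bit RSA key and a self-signed X.509 certificate valid for
# 730 days. -nodes leaves the key unencrypted on disk, so the umask keeps
# it readable by the owner only; load it into your IdP/SP keystore afterwards.
make_saml_cert() {
    local dir="$1" cn="$2"
    ( umask 077
      openssl req -x509 -newkey rsa:2048 -sha256 -nodes -days 730 \
          -subj "/CN=${cn}" \
          -keyout "${dir}/saml-key.pem" -out "${dir}/saml-cert.pem" )
}

# Succeeds only if the file parses as a certificate and carries no private
# key block. Run this on whatever you are about to send to the other party.
safe_to_send() {
    local file="$1"
    if grep -q 'PRIVATE KEY' "$file"; then
        return 1
    fi
    openssl x509 -in "$file" -noout >/dev/null 2>&1
}

# Succeeds when the certificate's public key is the one derived from the
# private key, i.e. the vendor will be able to verify what this key signs.
key_matches_cert() {
    local from_cert from_key
    from_cert=$(openssl x509 -in "$1" -noout -pubkey | openssl sha256)
    from_key=$(openssl pkey -in "$2" -pubout | openssl sha256)
    [ "$from_cert" = "$from_key" ]
}

# SHA-256 fingerprint of the certificate, to read back to the vendor over a
# separate channel so both sides know the same certificate was installed.
cert_fingerprint() {
    openssl x509 -in "$1" -noout -fingerprint -sha256 | cut -d= -f2
}

# Usage (constructed values):
#   make_saml_cert . sso.example.test
#   safe_to_send saml-cert.pem && cert_fingerprint saml-cert.pem
```

Because the certificate is self-signed, nothing has to be registered with a CA; the other side trusts it only because you gave it to them, which is why the fingerprint comparison matters.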