In the Cloud Administration Console, you can generate a certificate bundle that contains the private key, public certificate, and certificate signing request (CSR) that you need when configuring an identity provider (IdP) or a service provider (SP) in an SSO Agent deployment.
When you create a connection between the SSO Agent and either an IdP or an SP, the configuration wizard prompts you to upload a certificate or a private key. You can use your own infrastructure to issue keys and certificates, or you can generate and download a certificate bundle as described in this task. For more information about certificates, see Certificates and Keys for Service Providers and Identity Providers for the SSO Agent.
Before you begin
You must be a Super Admin to perform this task.
- In the Cloud Administration Console, navigate to one of the following Connection profile pages:
- In the Add or Edit Connection wizard when you add or edit a SAML application.
- In the Add Identity Provider wizard when you add or edit an identity provider.
- Click Generate Certificate Bundle. Either the Generate SAML Certificate dialog box or the Generate Identity Provider Certificate dialog box appears.
- In the Common Name (CN) field, enter the hostname of the HTTPS server for the service provider sending the authentication request, or the Integrated Windows Authentication (IWA) connector server.
- Click Generate and Download. The certificate bundle is generated in ZIP format and contains your private key. Store this information in a secure location to protect against unauthorized access.
- Download and extract the contents of the ZIP file.