The certificate for the SAML app has to be a SHA256-based certificate. You can generate a new certificate via OpenSSL (if you don't already have one) and configure it in the plugin's Custom Certificate tab. This will overwrite the app's default certificate.
Follow the steps below to generate a new SHA256 public and private key pair via OpenSSL:
- Open a terminal and navigate to the bin directory of OpenSSL. If you don’t have OpenSSL installed, download it first.
- Run the command below to generate the SHA256 key pair:

  ```
  openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout privateKey.key -out certificate.crt
  ```

- You will find the public key in the certificate.crt file and the private key in the privateKey.key file, both in the bin directory.
- Open both files in Notepad and copy the public and private keys into the Custom Certificate tab of the plugin.
- Configure the updated certificate in the IdP.
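
Before copying the two files into the Custom Certificate tab, you can confirm that the certificate really is SHA-256 signed, that the private key belongs to it, and that it has not expired. The script below is an added example, not part of the plugin or its documentation; the function names `check_saml_cert` and `demo` and the `-subj` value are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Added example. check_saml_cert is a hypothetical helper name; it is not part
# of the plugin or of OpenSSL. It only calls standard openssl subcommands.
check_saml_cert() {
    cert=$1 key=$2

    # 1. The signature algorithm must be SHA-256 (what -sha256 requests).
    sigalg=$(openssl x509 -in "$cert" -noout -text |
        awk -F': ' '/Signature Algorithm/ { print $2; exit }')
    case "$sigalg" in
        sha256*) ;;
        *) echo "FAIL: signed with '$sigalg', not SHA-256" >&2; return 1 ;;
    esac

    # 2. The private key must match the certificate: both must yield the same
    #    public key, or signatures made with the key will not verify against it.
    cert_pub=$(openssl x509 -in "$cert" -noout -pubkey) || return 2
    key_pub=$(openssl pkey -in "$key" -pubout) || return 2
    if [ "$cert_pub" != "$key_pub" ]; then
        echo "FAIL: private key does not belong to this certificate" >&2
        return 2
    fi

    # 3. The certificate must not already be expired (-days 365 above).
    if ! openssl x509 -in "$cert" -noout -checkend 0 >/dev/null; then
        echo "FAIL: certificate has expired" >&2
        return 3
    fi
    echo "OK: $sigalg, key matches certificate, not expired"
}

# Constructed demo: generate a throwaway pair in a temp dir and check it.
# -subj (constructed value) skips the interactive prompts; umask 077 keeps the
# unencrypted key (-nodes) readable by the current user only.
demo() {
    dir=$(mktemp -d) || return 1
    ( umask 077
      openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 \
          -subj "/CN=saml-sp.example.test" \
          -keyout "$dir/privateKey.key" -out "$dir/certificate.crt" 2>/dev/null )
    check_saml_cert "$dir/certificate.crt" "$dir/privateKey.key"
    rc=$?
    rm -rf "$dir"
    return $rc
}

demo
```

To check your own files, run `check_saml_cert certificate.crt privateKey.key` from the directory that holds them; a non-zero exit status identifies which of the three checks failed.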