How do I update my Service Provider’s Certificate in Azure AD?

1103 views September 29, 2022 0

This is applicable only if you have enabled “Token Encryption“. If you have not enabled this feature, you can simply ignore the warnings. By default, AzureAD doesn’t use the SP Certificate. To permanently disable these warnings you will need to update the plugin to the latest version. Then you can navigate to the “Manage Certificate” tab of the plugin and click on the “Apply Certificate” button.

  1. Navigate to the miniOrange SAML 2.0 SSO plugin.
  2. Make sure you have installed the latest version of the plugin.
  3. Now navigate to the Manage Certificate tab and:
    • Click on the Download Metadata button which contains the updated certificate
    • Or click on the Download Certificate button.

  4. Go to the Azure portal.
  5. Go to the Azure Active Directory > Enterprise applications blade and then select the application that you wish to configure token encryption for.
  6. On the application’s page, select Token encryption.
  7. On the Token encryption page, select Import Certificate to import the .cer file that contains your public X.509 certificate.
  8. Once the certificate is imported, and the private key is configured for use on the application side, activate encryption by selecting next to the thumbprint status, and then select Activate token encryption from the options in the dropdown menu.
  9. Select Yes to confirm activation of the token encryption certificate.
  10. Go back to the miniOrange SAML 2.0 SSO plugin. Go to the Manage Certificates tab and click on Test Connection to check the SSO configuration.

  11. If your test is successful click on Apply Certificate which implies that the certificate is applied correctly at Azure end. Click on Confirm Upgrade.

  12. You have successfully upgraded the certificate on your Identity Provider as well as your WordPress site.

If you are facing any issues, please contact us, please contact us at samlsupport@xecurify.com.

Was this helpful?

Hello there!

Need Help? We are right here!

Contact miniOrange Support

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com