Views:

To create a new SAML certificate, do the following:

  1. Click the Edit icon, and on the SAML Signing Certificate screen that appears, click New Certificate.

    New Certificate

    Click the image to enlarge.

  2. Specify the following and then click Save:
    • Expiration Date: the date when the certificate will expire.
    • Signing Option: Select Sign SAML assertion as the part of the SAML token to be digitally signed by Azure AD.
    • Signing Algorithm: Select SHA-256 as the signing algorithm used by Azure AD to sign SAML tokens.
    • Notification Email Addresses: Automatically filled in with your Azure AD administrator account name, which is the email address that receives a notification message when the active signing certificate approaches its expiration date.

    Certificate Details

    Click the image to enlarge.

  3. Click the three dots at the end of the certificate and then select Make certificate active.

    Click the image to enlarge.