Creating a new SAML certificate in Microsoft Azure AD

Trend Micro Email SecurityAll , Apex One as a ServiceAll , Cloud App SecurityAll

Last updated: 2022/03/18

Solution ID: KA-0012734

Category: Configure

SAML certificates are utilized to strengthen the security of services that uses Microsoft Azure AD.

This article shows the steps in creating a new SAML certificate in Microsoft Azure AD.

To create a new SAML certificate, do the following:

Click the Edit icon, and on the SAML Signing Certificate screen that appears, click New Certificate.

^{Click the image to enlarge.}
Specify the following and then click Save:
- Expiration Date: the date when the certificate will expire.
- Signing Option: Select Sign SAML assertion as the part of the SAML token to be digitally signed by Azure AD.
- Signing Algorithm: Select SHA-256 as the signing algorithm used by Azure AD to sign SAML tokens.
- Notification Email Addresses: Automatically filled in with your Azure AD administrator account name, which is the email address that receives a notification message when the active signing certificate approaches its expiration date.
^{Click the image to enlarge.}
Click the three dots at the end of the certificate and then select Make certificate active.

^{Click the image to enlarge.}

Was this article helpful?