Hello,
We’re acting as a SP, and trying to find a way to disable the requirement for having a certificate for the SP initiated login. I know it’s not best practice, we have restrictions that prevent us from doing it at this moment. When we try connecting now we get “An X.509 signature certificate for the local service provider hasn’t been configured.”
Is it there a config flag to turn this off? or a workaround, like a dummy certificate?
Thanks,
You can always create a self-signed certificate which is perfectly fine for this purpose.
The CreateSelfSignedCert project which we ship is one approach for creating self-signed certificates.
If you don’t wish to use a certificate, you can disable the signing of SAML authn requests by setting the PartnerIdentityProviderConfiguration.SignAuthnRequest flag to false.
“PartnerIdentityProviderConfigurations”: [
{
“Name”: “<a href=“https://ExampleIdentityProvider”,”>https://ExampleIdentityProvider",
“SignAuthnRequest”: false
[quote][/quote]
You can always create a self-signed certificate which is perfectly fine for this purpose.
The CreateSelfSignedCert project which we ship is one approach for creating self-signed certificates.
If you don't wish to use a certificate, you can disable the signing of SAML authn requests by setting the PartnerIdentityProviderConfiguration.SignAuthnRequest flag to false.
"PartnerIdentityProviderConfigurations": [
{
"Name": "https://ExampleIdentityProvider",
"SignAuthnRequest": false
The CreateSelfSignedCert project which we ship is one approach for creating self-signed certificates.
If you don't wish to use a certificate, you can disable the signing of SAML authn requests by setting the PartnerIdentityProviderConfiguration.SignAuthnRequest flag to false.
"PartnerIdentityProviderConfigurations": [
{
"Name": "https://ExampleIdentityProvider",
"SignAuthnRequest": false
Thank you for the quick reply!
You’re welcome. 