As a prerequisite before installing the SAML Session Provider, configure the SSL certificate for the host where the SAML router will be installed.
Consider trust for the CA (certificate authority) signing this SSL certificate: client browsers targeting grid applications and authenticating with SAML need to trust the CA. Furthermore, the AD FS host needs to trust it to retrieve metadata for the SAML Session Provider.
In order to enable trust from clients efficiently, it is recommended to use SSL certificates that are either created by an internal company CA, or purchased from a public CA.
To create a certificate signing request to be signed by an external CA, refer to section "Creating Certificate Signing Requests and Importing Certificates" in the Infor ION Grid Security Administration Guide.