Creating a private key and public certificate

The SAML private key and public certificate are generated within the application using the SAML Certificate Generator maintenance form.

  1. Select Maintenance > System Administration > SAML Certificate Generator.
  2. Click Generate.
  3. At the confirmation prompt, click Generate.
    The SAML private key and certificate you generated are displayed. The certificate is valid for five years.
    Note: When generating the SAML private key and certificate, WFM generates a random cryptographic code using the system randomness (entropy pool) of your operating system. It is your responsibility to configure your operating system to achieve the appropriate level of system entropy. For example, see the following for information on configuring system entropy in RHEL: https://developers.redhat.com/blog/2017/10/05/entropy-rhel-based-cloud-instances#methods_to_improve_entropy_in_cloud_instances
  4. Close the pop-up.
  5. Click Export above the certificate to download the certificate in .cer format, which is required when configuring the service provider in your IdP.
  6. Click Save Private Key to store the private key in the Sensitive Data Configuration maintenance form in Workforce Management. The private key is used to sign all requests that are sent to the IdP.
    Note: After you save the private key, it is masked with asterisks and the public certificate is no longer displayed.
  7. Close the pop-up.
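
Before the exported .cer file from step 5 is uploaded to the IdP, its validity period and fingerprint can be checked locally. The script below is an added example, not part of the product or its documentation; it assumes the openssl CLI is installed, and the function names and the 30-day tolerance around the five-year lifetime are illustrative choices.

```shell
# Added example: sanity-check an exported SAML certificate before IdP upload.
# Assumption: the openssl CLI is installed; function names are hypothetical.

# Normalise a .cer export (PEM or DER encoded) to PEM on stdout.
cert_to_pem() {
  openssl x509 -in "$1" -inform PEM 2>/dev/null ||
  openssl x509 -in "$1" -inform DER 2>/dev/null
}

# check_saml_cert FILE [YEARS]
# Returns 0 when the certificate has not expired and expires about YEARS
# (default 5) from now; returns 1 on a parse failure or unexpected lifetime.
check_saml_cert() {
  local file=$1 years=${2:-5} pem day=86400
  pem=$(cert_to_pem "$file") || { echo "FAIL: cannot parse $file" >&2; return 1; }

  # Details to record and compare with what the IdP shows after upload.
  printf '%s\n' "$pem" | openssl x509 -noout -subject -dates -fingerprint -sha256
  printf '%s\n' "$pem" | openssl x509 -noout -text | grep -m1 'Public-Key' || true

  # Accept an expiry within 30 days either side of the expected lifetime.
  local lower=$(( (years * 365 - 30) * day ))
  local upper=$(( (years * 365 + 30) * day ))

  # -checkend N exits 0 if the certificate is still valid N seconds from now.
  if ! printf '%s\n' "$pem" | openssl x509 -noout -checkend 0 >/dev/null; then
    echo "FAIL: certificate has already expired" >&2; return 1
  fi
  if ! printf '%s\n' "$pem" | openssl x509 -noout -checkend "$lower" >/dev/null; then
    echo "FAIL: expires sooner than about $years years from now" >&2; return 1
  fi
  if printf '%s\n' "$pem" | openssl x509 -noout -checkend "$upper" >/dev/null; then
    echo "FAIL: valid for longer than about $years years" >&2; return 1
  fi
  echo "OK: expires in about $years years"
}
```

Run it as `check_saml_cert exported.cer` right after the export, since the lifetime is measured from the current time; the SHA-256 fingerprint it prints is the value to compare against the certificate the IdP reports after upload.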