I have created a new App in the Auth0 tenant as the IdP in SAML, configured saml2 from the addon, and provided the certificate to the SP as the IdP configuration.
As for this small name, is it a self-signed certificate or a legitimate certificate? And is there any expiration date etc.?
Hi @yk-ms,
Welcome to the Auth0 Community!
It looks like it’s self-signed according to this FAQ.
I don’t see anything about an expiration, more info about rotation here: Tenant Signing Key Rotation
The certificate is “legitimate” in that it’s correctly formed, but it’s not signed by a public CA (i.e. it is self-signed).
Expiration of the certificate is 13 years from tenant creation, or from the most recent tenant signing key rotation (@dan.woda shared a document about signing key rotation).
If you need to sign SAML requests with a key bound to a certificate issued by a public CA you can do so. Note this document is a bit out of date and specifies using a rule to set the keypair. You can accomplish the same thing using actions and the `api.samlResponse.setCert(cert)` and `api.samlResponse.setKey(key)` methods.
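As an added example (not part of the replies above and not Auth0's own code), here is a post-login Action that uses the two methods named in the last reply to sign one application's SAML responses with a CA-issued key pair. The secret names `SAML_CLIENT_ID`, `SAML_SIGNING_CERT` and `SAML_SIGNING_KEY` are assumptions, as is the choice to deny the login when the key material is unusable.

```javascript
// Added example. Secret names and the fail-closed policy are assumptions.
const CERT_RE = /^-----BEGIN CERTIFICATE-----[\s\S]+-----END CERTIFICATE-----\s*$/;
const KEY_RE = /^-----BEGIN (RSA )?PRIVATE KEY-----[\s\S]+-----END (RSA )?PRIVATE KEY-----\s*$/;

// Secrets pasted on a single line often carry a literal "\n"; restore real newlines.
function normalizePem(value) {
  return typeof value === 'string' ? value.replace(/\\n/g, '\n').trim() : '';
}

// Returns 'skipped', 'applied' or 'denied' so the outcome can be logged and tested.
function applyCustomSigningKey(event, api) {
  const secrets = event.secrets || {};
  // Only touch the one SAML application whose SP trusts the CA-issued certificate.
  if (!event.client || event.client.client_id !== secrets.SAML_CLIENT_ID) {
    return 'skipped';
  }
  const cert = normalizePem(secrets.SAML_SIGNING_CERT);
  const key = normalizePem(secrets.SAML_SIGNING_KEY);
  if (!CERT_RE.test(cert) || !KEY_RE.test(key)) {
    // Fail closed: a response signed with the tenant key would not match
    // the certificate configured at the SP.
    api.access.deny('SAML signing material is missing or malformed');
    return 'denied';
  }
  api.samlResponse.setCert(cert);
  api.samlResponse.setKey(key);
  return 'applied';
}

async function onExecutePostLogin(event, api) {
  applyCustomSigningKey(event, api);
}

// Auth0 Actions load the handler from `exports`; the guard keeps the file
// loadable in environments where `exports` is not defined.
if (typeof exports !== 'undefined') {
  exports.onExecutePostLogin = onExecutePostLogin;
}
```

The private key lives only in the Action's secrets; the SP is given the matching CA-issued certificate in place of the tenant's self-signed one.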