I have created a new App in the Auth0 tenant as IdP in SAML, configured saml2 from addon and provided the certificate to SP as IdP configuration
As for this small name, is it a self-signed certificate or a legitimate certificate? And is there any expiration date etc.?
Hi @yk-ms,
Welcome to the Auth0 Community!
It looks like it’s self-signed according to this faq.
I don’t see anything about an expiration, more info about rotation here: Tenant Signing Key Rotation
The certificate is “legitimate” in that it’s correctly formed, but it’s not signed by a public CA (i.e. it is self-signed).
Expiration of the certificate is 13 years from tenant creation, or from the most recent tenant signing key rotation (@dan.woda shared a document about signing key rotation).
If you need to sign SAML requests with a key bound to a certificate issued by a public CA you can do so.. Note this document is a bit out of date and specifies using a rule to set the keypair. You can accomplish the same thing using actions and the api.samlResponse.setCert(cert) and api.samlResponse.setKey(key) methods.
1 Like
Thanks for the info @matt.macadam!
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.