How to retrieve certificate from metadata

Description of Issue

TID-W is configured with a SAML IdP and the certificate needs to be renewed, but the IdP is not external.

Context
  • TID-W

  • ADFS

  • Signing Certificate

Cause

400: Bad Request Error Code: GENERAL_NONSUCCESS

Resolution
  1. Open the metadata file and find the entry with use="signing".

  2. Copy the data from the <X509Certificate> element.

  3. Paste it to a new text file.

  4. Insert -----BEGIN CERTIFICATE----- at the beginning of the file.

  5. Append -----END CERTIFICATE----- to the end of the file. For example:
     
    -----BEGIN CERTIFICATE-----
    MIICPTCCAaagAwIBAgIGAUIAVrpxMA0G
    ......
    96sa3ZdjPQkSZa48l6ZW86yLAECUXQ==
    -----END CERTIFICATE-----

  6. Save the text file with a .CRT extension.
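The same steps as a script, as an added example (not the vendor's code). It assumes standard SAML 2.0 metadata namespaces; the function name, sample metadata and output file names are hypothetical. It also returns a SHA-256 fingerprint of each certificate so the saved file can be compared with the certificate held by the IdP.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET
from pathlib import Path

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

def signing_certs_to_pem(metadata_xml):
    """Return [(pem, sha256_hex)] for each distinct use="signing" certificate."""
    if "<!DOCTYPE" in metadata_xml:  # metadata needs no DTD; refuse entity tricks
        raise ValueError("DOCTYPE not allowed in metadata")
    root = ET.fromstring(metadata_xml)
    found = {}
    for kd in root.iterfind(".//md:KeyDescriptor[@use='signing']", NS):
        for node in kd.iterfind(".//ds:X509Certificate", NS):
            b64 = "".join((node.text or "").split())    # drop line breaks, indentation
            der = base64.b64decode(b64, validate=True)  # raises on non-base64 characters
            if not der.startswith(b"\x30"):             # DER cert is an ASN.1 SEQUENCE
                raise ValueError("X509Certificate content is not DER")
            lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
            pem = "\n".join(["-----BEGIN CERTIFICATE-----", *lines,
                             "-----END CERTIFICATE-----", ""])
            # The same certificate can appear under several descriptors: keep one copy.
            found.setdefault(hashlib.sha256(der).hexdigest(), pem)
    return [(pem, fp) for fp, pem in found.items()]

# Constructed placeholder bytes (not real certificates) and constructed metadata.
SIGN_B64 = base64.b64encode(b"\x30\x82\x00\x60" + bytes(range(96))).decode()
ENC_B64 = base64.b64encode(b"\x30\x82\x00\x60" + bytes(range(96, 192))).decode()
SAMPLE_METADATA = f"""<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://idp.example.test/">
 <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
  <KeyDescriptor use="encryption"><ds:KeyInfo><ds:X509Data>
   <ds:X509Certificate>{ENC_B64}</ds:X509Certificate>
  </ds:X509Data></ds:KeyInfo></KeyDescriptor>
  <KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
   <ds:X509Certificate>
    {SIGN_B64[:40]}
    {SIGN_B64[40:]}
   </ds:X509Certificate>
  </ds:X509Data></ds:KeyInfo></KeyDescriptor>
 </IDPSSODescriptor>
</EntityDescriptor>"""

if __name__ == "__main__":
    for n, (pem, fp) in enumerate(signing_certs_to_pem(SAMPLE_METADATA), 1):
        Path(f"idp-signing-{n}.crt").write_text(pem)
        print(f"idp-signing-{n}.crt sha256={fp}")
```

If the script returns more than one certificate, the metadata lists several signing keys, and each one is written to its own file.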
