Automatically generating a certificate to encrypt SAML assertions
You can generate a certificate to use to encrypt SAML assertions automatically from an IdP configuration document.
About this task
Create the certificate from the server that will authenticate users. For web users (web federated login), create the certificate for each mail server, to allow the use of secure mail operations. For Notes users (Notes federated login), create the certificate from the ID vault server.
You can use this procedure if the server ID file is not password protected and if you want to create a new Internet Certificate in the server ID file. Otherwise, follow the procedure to generate the certificate manually.
To complete this task, you must be listed (or belong to a group) in the Server document, in Full Access Administrators >Administrators > Sign or run unrestricted methods and operations.