+ Start a Discussion
mjohnson-TICmjohnson-TIC 

Salesforce Single Sign On Using OpenSSO (Identity Provider Certificate)

Hi All,

 

I'm attempting to configure OpenSSO with Salesforce for single sign-on. The "Verification Certificate" generated by OpenSSO is in text format, which is just a long encrypted string. Apparently the "Identity Provider Certificate" requires this to be in X509 certificate format. Does anyone know how to convert this encrypted string to X509 certificate format?

Best Answer chosen by Admin (Salesforce Developers) 
mjohnson-TICmjohnson-TIC

Thanks for the suggestion. I found OpenSSO was generating an X509 certificate base 64 encoded. Salesforce is expecting a binary X509 certificate (though no documentation about this detail). The easiest way I found was to import the base 64 encoded certificate into a browser (I used IE) and export as binary. 

All Answers

_Prasu__Prasu_

Try saving that file as pem or pfx. 

mjohnson-TICmjohnson-TIC

Thanks for the suggestion. I found OpenSSO was generating an X509 certificate base 64 encoded. Salesforce is expecting a binary X509 certificate (though no documentation about this detail). The easiest way I found was to import the base 64 encoded certificate into a browser (I used IE) and export as binary. 

This was selected as the best answer
SoleesSolees

Great job, thanxs !!!

 

Import your OpenAM certificate to "certmgr.msc" in windows, then export it and load it to salesforce SSO config.

fgwarb_1fgwarb_1

Or in our case ensure your "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----" has exactly 5 hyphens on each side (no more, no less!)