Third-party federation software may request the certificate fingerprint instead of the public key. Some examples are Microsoft ADFS2 and Zendesk.
The Ubisecure Key Tool, ubikt.jar, simplifies procedures on certificates and keys.
To get the signing certificate
Run the following command from the command line:
The certificate fingerprint is shown with sha256, sha1 and md5 hash in the last three lines of output.
According to the specifications, the signing certificate validity is not relevant for SAML2.