Page tree
Skip to end of metadata
Go to start of metadata

Third-party federation software may request the certificate fingerprint instead of the public key. Some examples are Microsoft ADFS2 and Zendesk.

The Ubisecure Key Tool, ubikt.jar, simplifies procedures on certificates and keys.

Step-by-step guide

To get the signing certificate

  1. Run the following command from the command line:

    # cd /usr/local/ubisecure/ubilogin-sso/tools
    # java -jar ubikt.jar -ubilogin win32.config
    Version: 3
    Subject: CN=Ubilogin, DC=test
    Issuer: CN=Ubilogin, DC=test
    NotBefore: 2010-09-25T00:00:00Z
    NotAfter: 2021-09-25T00:00:00Z
    SerialNumber: d2e5d7d1e93b3c27b93623a3e39430f0
    SigAlg: SHA1withRSA
    SHA256: 91bdcd36430ccc23c19f664043952a62963bb8272ce342f4f53ae721c9d164ca
    SHA1: ebe288edc99f1eaa537aac5e90dc529de1527bc8
    MD5: aa3ae69b263becd5394edf7afba94ed0
  2. The certificate fingerprint is shown with sha256, sha1 and md5 hash in the last three lines of output.


According to the specifications, the signing certificate validity is not relevant for SAML2.