Friday, August 08, 2014

ADFS : Certificate details in the metadata

Common problem: you get sent some metadata that contains certificate information, and then you get an error when you try to import it.

Would be really useful to see the actual certificate, right?

Good news is that help is at hand.

In the metadata file, you'll see something like:

<KeyDescriptor use="signing">
  <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
    <ds:X509Data>
      <ds:X509Certificate>

Then there's the actual certificate information, which is in Base64.

Copy it - the stuff between the opening and closing ds:X509Certificate tags.

Now paste that into an editor - Notepad++ is my poison of choice.

Then save that as a .cer file.

Now double-click on the file in Explorer.

Job done!

Enjoy!
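
A scripted version of the copy, save and inspect steps above, as an added example that is not part of the original post: it pulls each KeyDescriptor certificate out of the metadata, decodes the Base64, and reports the SHA-1 thumbprint that the Windows certificate viewer displays. The function names are hypothetical, and the sample metadata, entity ID and certificate bytes are constructed placeholders.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

MD = "{urn:oasis:names:tc:SAML:2.0:metadata}"
DS = {"ds": "http://www.w3.org/2000/09/xmldsig#"}

def extract_certs(metadata: bytes) -> list:
    """Return one dict per certificate found under a KeyDescriptor."""
    if b"<!DOCTYPE" in metadata:
        # Metadata sent by a partner is untrusted input: refuse DTDs/entities.
        raise ValueError("DOCTYPE not allowed in metadata")
    found = []
    for kd in ET.fromstring(metadata).iter(MD + "KeyDescriptor"):
        for node in kd.iterfind(".//ds:X509Certificate", DS):
            # The Base64 text is often wrapped over several lines.
            b64 = "".join((node.text or "").split())
            der = base64.b64decode(b64, validate=True)
            if not der.startswith(b"\x30"):
                raise ValueError("not DER: expected ASN.1 SEQUENCE (0x30)")
            found.append({
                "use": kd.get("use", "unspecified"),
                "der": der,
                # Windows shows SHA-1 over the DER bytes as "Thumbprint".
                "thumbprint": hashlib.sha1(der).hexdigest().upper(),
            })
    return found

def save_cer(cert: dict, path: str) -> None:
    """Write the DER bytes to a .cer file that Explorer can open."""
    with open(path, "wb") as fh:
        fh.write(cert["der"])

# Constructed sample: placeholder bytes, NOT a real certificate.
SAMPLE_DER = b"\x30\x82\x00\x10" + b"constructed-body"
_b64 = base64.b64encode(SAMPLE_DER).decode()
SAMPLE_METADATA = (
    '<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"'
    ' entityID="https://sts.example.test/adfs/services/trust">'
    '<IDPSSODescriptor><KeyDescriptor use="signing">'
    '<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">'
    "<ds:X509Data><ds:X509Certificate>\n" + _b64[:12] + "\n" + _b64[12:]
    + "\n</ds:X509Certificate></ds:X509Data></ds:KeyInfo>"
    "</KeyDescriptor></IDPSSODescriptor></EntityDescriptor>"
).encode()

if __name__ == "__main__":
    for i, c in enumerate(extract_certs(SAMPLE_METADATA)):
        print(c["use"], c["thumbprint"])
        save_cer(c, "metadata-cert-%d.cer" % i)  # name not taken from the XML
```

Compare the printed thumbprint with the one the sending party gives you over a separate channel before importing the metadata.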