Converting an X.509 Certificate to a SHA1 Fingerprint for SAML
When setting up SAML with your identity service provider, you will need a SHA1 fingerprint. However, some identity service providers will give you an X.509 certificate that you need to convert.
Note: For more information on SAML, please see our What is SAML Integration? article. For more information on obtaining your X.509 certificate from your identity service provider, please see the article for your identity service provider in our SAML/SSO section.
Follow the steps below to convert your X.509 Certificate into a SHA1 fingerprint:
- Obtain the X.509 certificate from your identity service provider.
- Navigate to https://www.samltool.com/format_x509cert.php.
- Paste your X.509 certificate in the X.509 cert field.
- Click Format X.509 Certificate.
- Copy the certificate indicators in the X.509 cert with header field. Certificate indicators will display within hyphens.
Note: If line breaks display in the pasted certificate indicator, they will need to be deleted. Line breaks may cause the fingerprint to calculate incorrectly.
- Click Calculate Fingerprint from the toolbar on the left.
- Paste the copied text into the X.509 cert field.
- Select sha1 from the algorithm drop-down.
- Click Calculate Fingerprint.
Now that you have your SHA1 Fingerprint, you can continue setting up your SAML login. Please see our How to Set Up SAML/SSO for the Security Awareness Training Platform article for more information.
Note: Make sure the email address that your users use to authenticate with SAML is either entered into the Email or Email Aliases field of their User Profile. However, only the email address listed in the Email field will receive training notification emails. For more information about adding information to user profiles, see our User Profile Guide.