Can I use the same certificate issued by a certificate authority to sign the security token of SAML assertion and also for HTTPS SSL on IIS?
I am using ColdFusion to create the SAML Response and used Java Keytool to create the certifcate.
Asked
Active
Viewed 42 times
0
-
What happened when you tried it? – Miguel-F Apr 29 '15 at 14:42
-
I haven't tried it. We are in the process of purchasing the Certificate(s) and was wondering if one can be used for both. Thanks – Balcha Aba Nebso Apr 29 '15 at 18:36
1 Answers
0
Can you? Yes. Should you? No. It's better to use a self - signed cert than to share them. I can't tell you the number of times I've seen an admin screw up and send out their private key for their HTTPS cert.
Andrew K.
- 3,240
- 12
- 23