Configuring the SAML Service Provider Certificate Generator

Configure the SAP Mobile Platform SAML service provider certificate generator before you create the SAML2 local service provider.


This step ensures that the metadata file you create for the local service provider, and send to the trusted identity provider, is correctly configured to communicate with SAP Mobile Platform.


  1. In Management Cockpit, select Start of the navigation path Settings Next navigation step System End of the navigation path.
  2. Inspect the SAML Service Provider Certificate Generator default settings and change as necessary for your environment.
    Property Description Default
    Generated X.509 Certificate Subject The subject text for the generated certificate. Use standard X.509 attributes, as defined in published on non-SAP site. Most commonly used:
    • Country – countryName, C
    • Organization – organizationName, O
    • Organization unit – organizationUnitName, OU
    • Distinguished name qualifier – dnQualifier
    • State or province – stateOrProvinceName, ST
    • Common name – commonName, CN
    C=DE, L=Walldorf, O=SAP SE
    Number of Years Self-Signed Certificate is Valid Number of years, from date of generation, for which the generated certificate is valid. 1
    RSA Key Length The length, in bits, of the RSA key for the generated certificate. 1024

Next Steps

Before you use SAML2 in a security profile, create a local service provider and configure a trusted identity provider.