SAML: Request a client certificate

Before you begin

SAML certificate requests URL: obtain this from your CertCentral administrator. Without it, you cannot access the certificate requests page.
Certificate type: confirm which client certificate to order if more than one type is available. Contact your administrator if unsure.
CSR (if required by company policy): a CSR is not required to request a client certificate. If company policy requires one, generate it before submitting your request. The CSR must use a minimum 2048-bit key. See Generate a certificate signing request (CSR).

Use the SAML certificate requests URL provided by your administrator to sign in to the Client Certificates page.
In the Certificate Type dropdown, select the certificate to order.
In the Certificate Details section, verify that the information is correct, including the email address.
Important
If any of the information is incorrect, do not submit the request. Contact a CertCentral administrator to correct the information in the SAML assertion.
In the Validity dropdown, select the validity period.
Optional: in the CSR box, paste your CSR text. Include the -----BEGIN NEW CERTIFICATE REQUEST----- and -----END NEW CERTIFICATE REQUEST----- tags.
Select Request Certificate.

After submission, DigiCert sends an email to the address on the certificate:

Without a CSR: DigiCert sends a Create Your DigiCert Client Certificate email with a link to generate the certificate. If the email domain does not match the common name on the request, DigiCert first sends a domain validation email. After the domain is validated, DigiCert sends the generation link.
With a CSR: DigiCert sends an email with the certificate attached. If the email domain does not match the common name on the request, DigiCert first sends a domain validation email. After the domain is validated, DigiCert sends the certificate.

SAML: Generate your client certificateSAML: Generate your client certificate to generate the certificate from the link in the DigiCert email

이 섹션의 내용: