SAML: Request a client certificate

Before you begin

  • Have the SAML certificate requests URL
    If you don't have the URL or lost it, contact your administrator.
  • Know which client certificate you need to order (if more than one is available)
    If you aren't sure, contact your administrator.
  • Have a certificate signing request (CSR)
    A CSR is not required to get a client certificate. However, company policy my require you to submit one with your order. If you don't know, contact your administrator.
    To remain secure, the CSR must use 2048-bit keys. See Create a CSR.

Request a client certificate

  1. Go to the Client Certificates page

    Use the SAML certificate requests URL provided to you to sign in.

  1. Choose a client certificate

    In the Certificate Type dropdown, choose the client certificate you want to order.

  1. Verify the certificate details

    In the Certificate Details section, verify that that the information is correct (such as is the email address correct).

If any of the information is incorrect, stop and contact your manager.

  1. Select a validity

    In the Validity dropdown, select how long you want the certificate to be good for.

  1. Add a CSR (optional)

    1. Use a text editor to open your CSR file.
    2. Copy the text, including the -----BEGIN NEW CERTIFICATE REQUEST----- and -----END NEW CERTIFICATE REQUEST----- tags.
    3. In the CSR box, paste the text.
  1. Submit your request

    When you are done, click Request Certificate.

What's next

If you submitted your request without a CSR

If your email address domain is the same as the common name on your request (common name example.com, email address jane.doe@example.com), DigiCert will send you an email with a link for generating your client certificate (subject: Create Your DigiCert "Client Certificate").

If your email address domain doesn’t match the common name on your request (common name example.com, email address jane.doe@gmail.com), DigiCert will send a validation email with a link so you can prove you control that email address. Once you've validated the email address, DigiCert will send you an email with a link for generating your client certificate (subject: Create Your DigiCert "Client Certificate").

See SAML: Generate your client certificate.

If you submitted your request with a CSR

If you submitted your request with a CSR and your email address domain is the same as the common name on your request (common name example.com, email address jane.doe@example.com), DigiCert will send you an email with your client certificate attached.

If you submitted your request with a CSR and your email address domain doesn’t match the common name on your request (common name example.com, email address jane.doe@gmail.com), DigiCert will send you a validation email with a link so you can prove you control that email address. Once you've validated the email address, DigiCert will send you an email with the client certificate attached.