Why do I need a Webex X.509 certificate?

• You will need the Webex X.509 certificate in order to validate the AuthnRequest signature.
• You will need the Webex X.509 certificate in order to encrypt your assertion.

To obtain the Webex X.509 certificate to use with SAML:

1. Log in to your Cisco Webex Meetings Site Administration page. (Example: SITENAME.Webex.com/admin.php)
2. Click on Configuration in the left panel.
3. Hover your mouse over Common Site Settings, then click on SSO Configuration.

 
Note: The SSO Configuration link will only appear if SSO has been enabled for your site. If the SSO Configuration link is missing, contact Cisco Support.

4. Click on the Export button listed next to You can export a SAML metadata Webex SP configuration file.
5. Save the Webex_SP_saml2_metadata.xml file.
6. Contact your identity management system help desk for help to import the Webex_SP_saml2_metadata.xml file. This should automatically import the Webex Certificate.

To manually import the certificate:

1. Open the Webex_SP_saml2_metadata.xml file in any text editor.
2. Search for the XML tag:
    
    
3. Copy all of the data between the two tags.
4. Open a new text document.
5. On the first line, type -----BEGIN CERTIFICATE-----.
6. On the second line, paste the data you copied from step 3 above.
7. On the third line, type -----END CERTIFICATE-----.
    
    Note: The above are 5 dash characters and no spaces.
    
8. Save the file as Webex.crt.
9. Import this into your identity management system, or contact your identity management system help desk for additional support on importing this certificate.