Generate token signing .CER from ADFS Federation Metadata XMLJune 24, 2015
Now, the question is how to generate .pem/.cer file out of FederationMetadata.xml file.
- Edit FederationMetadata.xml file, and search for <KeyDescriptor use="signing">. You should find more than one entry. Pick any one of them.
2. Pick the X500Certificate value and save the text as .der file
3. openssl x509 -in <(base64 --decode FILE_FROM_STEP2.der) -inform DER -out OUTPUT.pem