Getting Started

The following instructions will guide you through the process of setting up and configuring Okta SAML. With these directions, you can navigate the complexities of the Okta configuration to protect your organization's valuable data and resources.

Generate a PFX Certificate

The PFX certificate can be issued by an internal or public CA, and the domain name can be arbitrary.

Use the following script to generate a self-signed certificate:

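# Settings. Run from an elevated PowerShell session: the script writes to the LocalMachine store.
$pass = 'password'        # PFX password; replace with a strong value before use
$dnsname = 'test.lab'     # Can be anything
$filename = 'SelfSigned'
$ExDate = '1/1/2024'      # Certificate expiry (NotAfter); must be a future date

#################################################################################

# Output file names: PFX (certificate + private key) and the public certificate
$pfx = $filename + '.pfx'
$PublicCRT = $filename + '-Public.cer'

$securepass = ConvertTo-SecureString -String $pass -Force -AsPlainText

# Create the self-signed certificate in the LocalMachine\My store
$cert = New-SelfSignedCertificate -CertStoreLocation cert:\localmachine\my -DnsName $dnsname -HashAlgorithm SHA256 -KeyLength 4096 -Provider "Microsoft Enhanced RSA and AES Cryptographic Provider" -NotAfter $ExDate

$path = 'cert:\localmachine\my\' + $cert.Thumbprint

# Export the PFX (password protected) and the public certificate to the current directory
Export-PfxCertificate -Cert $path -FilePath $pfx -Password $securepass
Export-Certificate -Type CERT -Cert $path -FilePath $PublicCRT

# Remove the certificate from the store once exported (the key itself is only deleted if -DeleteKey is added)
Remove-Item $path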
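
The following check is an added example, not part of the original instructions: it confirms that the two exported files belong together, that only the PFX carries the private key, and that the certificate was removed from the machine store. The function name Test-ExportedCert and its parameters are hypothetical; the default file names assume the script above was run unchanged from the current directory.

```powershell
# Added example (not from the original page): verify the files exported above.
# Test-ExportedCert and its parameter names are hypothetical.
function Test-ExportedCert {
    param(
        [string]$PfxFile = 'SelfSigned.pfx',          # $pfx in the script above
        [string]$CerFile = 'SelfSigned-Public.cer',   # $PublicCRT in the script above
        [Parameter(Mandatory)][securestring]$Password
    )
    # .NET resolves relative paths against the process directory, so expand them first.
    $pfxPath = (Resolve-Path $PfxFile).Path
    $cerPath = (Resolve-Path $CerFile).Path

    $x509 = [System.Security.Cryptography.X509Certificates.X509Certificate2]
    $pfxCert = $x509::new($pfxPath, $Password)   # throws if the password is wrong
    $cerCert = $x509::new($cerPath)
    try {
        $rsa = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPublicKey($cerCert)
        [pscustomobject]@{
            Thumbprint          = $pfxCert.Thumbprint
            # The PFX must contain the private key; the public .cer must not.
            PfxHasPrivateKey    = $pfxCert.HasPrivateKey
            CerHasPrivateKey    = $cerCert.HasPrivateKey
            # Both files must describe the same certificate.
            ThumbprintsMatch    = $pfxCert.Thumbprint -eq $cerCert.Thumbprint
            # The script requests a 4096-bit key signed with SHA256.
            KeySizeBits         = $rsa.KeySize
            SignatureAlgorithm  = $cerCert.SignatureAlgorithm.FriendlyName
            # An expired certificate is a common cause of SAML signature failures.
            NotAfter            = $cerCert.NotAfter
            Expired             = $cerCert.NotAfter -lt (Get-Date)
            # The script ends with Remove-Item, so the store entry should be gone.
            StillInMachineStore = Test-Path "cert:\localmachine\my\$($pfxCert.Thumbprint)"
        }
    }
    finally {
        # Release the key material loaded from the PFX.
        $pfxCert.Dispose()
        $cerCert.Dispose()
    }
}

# Prompt for the PFX password instead of embedding it in the check.
$securepass = Read-Host -AsSecureString -Prompt 'PFX password'
Test-ExportedCert -Password $securepass | Format-List
```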