Click Server Options in the Advanced Authentication Administration portal.
Verify whether the Signing Certificate is available. Use the certificate.
Navigate to Policies > Web Authentication and click Download IdP SAML 2.0 Metadata.
A new tab launches with the SAML 2.0 metadata that includes the certificate in x.509 format.
Find the tag <ds:X509Certificate> and copy the certificate that follows to a notepad file.
Add the ---BEGIN CERTIFICATE ------------ at the beginning and ---END CERTIFICATE------------ at end of the certificate in the notepad file.
Save the notepad file for further use.