Add a Java keystore for SAML You can add Java keystores to the SAML application if you want another repository for your SAML security certificates. Before you beginRole required: admin About this task By default, SAML 2 Single Sign-on provides a default keystore named SAML 2.0 SP Keystore. This keystore is active by default. You can add keystores as needed and specify which one to use by default with a property. Procedure Navigate to System Definition > Certificates. Fill in the fields on the form (see table). Click Submit. Table 1. X.509 Certificate form Field Description Name Enter a descriptive name. Active Select Active to keep the key store available. Short description Enter a description for the key store. Type Select Java Key Store. Key store password Enter the password for the key store. To set the default key store, enter sys_properties.list in the application filter. The list of system properties opens. Find and open the following property: glide.authenticate.sso.saml2.keystore. The Value field shows the Sys ID of the default key store: SAML 2.0 SP Keystore. Use this property when the system has multiple key stores for signed authentication or signed logout. Starting with Geneva Patch 7, the glide.authenticate.sso.saml2.keystore property uses your configured key store if you upgrade from a version prior to the Geneva release. Prior to the Geneva Patch 7, this property kept the default value upon upgrade, regardless of any changes you made. Paste the Sys ID of the key store record that you created into the Value field. Click Update.