Problem: You’re configuring your SSO/SAML provider, you’ve put in all the necessary information, you’ve got an x.509 certificate pasted in, you go to save and…you get “…configuration x.509 cert is invalid.”
The most likely cause of this is that the certificate block lacks a header and/or a footer. If either is missing the parser will not recognize even a perfectly valid, freshly minted cert.
The header and footer are:
-----BEGIN CERTIFICATE----- -----END CERTIFICATE-----
The screenshots below show a properly and improperly configured cert block.
My mother, who grew up on a farm, used to always tell me ‘measure twice, cut once’. When I’ve failed to heed that advice I’ve wound up being frustrated by errors like ‘…x.509 cert is invalid.’