Subscribe

UiPath Orchestrator

The UiPath Orchestrator Guide

Private key certificates

Suggest Edits

When configuring SAML 2.0 authentication, it is necessary to specify certain claims for the certificate provided by the identity provider. This is a step-by-step procedure on how to configure your Orchestrator instance to use a private key SAML certificate. The procedure begins with importing the certificate into the Windows Local Machine certificate store using Microsoft Management Console, and continues with the actual configuration steps required in Orchestrator.

Importing a Certificate in Windows

  1. Go to Control Panel > Manage Computer Certificates. The console is displayed.
  2. In the Console Root window's left pane, expand the Personal folder and then click Certificates.
690
  1. Right-click Certificates and then select All Tasks > Import. The Certificate Import Wizard is displayed.
535
  1. Make sure that Local Machine is selected in the Store Location section. Click Next.
  2. Click Browse and select the certificate to upload.

Setting Orchestrator to Use the Certificate

  1. Once the upload is complete, the certificate should be displayed in the console.
  2. Double-click it. The Certificate dialog box is displayed.
  3. On the Details tab, scroll through the list of fields and click Thumbprint.
364
  1. Copy the hexadecimal characters from the box.
  2. Remove the spaces between the characters. For example, the thumbprint "a9 09 50 2d d8 2a e4 14 33 e6 f8 38 86 b0 0d 42 77 a3 2a 7b" should be specified as "a909502dd82ae41433e6f83886b00d4277a32a7b" in web.config.

📘

Note

When copied from the box on the Certificate window, the thumbprint contains several special characters that are only visible in ANSI encoding. Make sure to delete those using a suitable application such as Notepad++.

See bellow an example of getting a thumbprint ready for the web.config file.

864
  1. In web.config, set the findValue attribute of the signingCertificate parameter to the thumbprint, as in the example below:
<signingCertificate storeName="My" storeLocation="LocalMachine" x509FindType="FindByThumbprint" findValue="30c4de7f241904544ca663689146769c914c5dd2"/>

Updated 2 days ago

See Also

ADFS Authentication
Google Authentication
OKTA Authentication
Custom Mapping
Self-Signed Certificates

Private key certificates

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.