@mumbles202 When I do this, I use a certificate issued from my PKI, but you can even use self signed or CA issued. What is important is that the certificate used by Azure (the SAML Signing Certificate) is a PFX (including private key) of the certific...

This was super helpful. Something to note is that you need to create your own PFX certificate which you can use in Azure AD Signing Certificate for all Enterprise App SAML configs.