Hello Abu,
Here are the details about certificates when you configure a trusted Service Provider for the SAML Identity Provider:
When you import the metadata, you also have to provide the self-signed certificate.
The SAML IDP that comes with the SAP Single Sign-On product uses the authentication stack of the AS JAVA. In order for your users to be able to authenticate to the SAML IDP using their MS AD credentials, you have to configure MS AD as the user store for AS JAVA UME.
Here is how to configure this:
LDAP Directory as Data Source - Identity Management - SAP Library
Regards,
Donka Dimitrova