The following article refers to the process of generating client certificates at the SSOCircle Public IDP. In the PKI functionality of SSOCircle IDP we allow the automatic generation of keys and the enrollment of X.509 certificates. Client certificates are used for strong authentication. These certificates are not related to the certificates used with SAML single sign on.
As of Chrome 49 the keygen tag is deprecated and automatic generation of keys as used in the public IDP is turned off by by default. In order to use the automatic enrollment with Chrome enable it by executing the following steps: