1 of 1 people found this helpful
The following Product Help link shows how to generate the private key and CSR for SSL, but these same certs could be used for SAML as well. Tableau Server comes with OpenSSL so the example utilizes it to generate the key file and the CSR which you can then take to a CA for signing.
In regards to why the key file needs to be non-password protected, I believe it has something to do with being unable to load the key into the java keystore since we do this automatically on startup and there would be no place to enter a password.
If there are any issues once the key and cert are created with SAML, please feel free to reach out to our amazing Support team!