I'm trying to set up SAML SSO for Splunk Cloud against an external IDP.
I've loaded the IDP's SAML metadata into the Splunk SAML configuration. The metadata includes a self-signed signing certificate.
All the SAML authentication redirects are working, but Splunk complains that it could not verify the Assertion signature using the signing certificate.
What am I missing? Does Splunk Cloud not really support self-signed IDP signing certificates?