Create a certificate in the destination environment using a POST {{apiPath}}/environments/{{destinationEnvID}}/certificates request. Copy and save the certificate ID, you’ll use it when creating the identity provider.

• The usageType value must be set to “SIGNING”.

• The file entry must reference the PEM or PKCS7 file containing the source environment key you downloaded in the initial step. Creating the certificate using the PEM or PKCS7 file transfers the key from the Source environment to the destination environment. If the certificate used by the identity provider in the destination evironment doesn’t match the key used by the source environment application, the authentication flow will fail.

See CREATE Certificate with PKCS7 or PEM File for more information.