By default, Nirmata uses a self-signed certificate for SAML signatures as a trust between entities is established externally. If your organization requires a CA-signed certificates, you can configure them in SAML.
NOTE: You can optionally provide a custom certificate to be used for SAML signatures.
For more information about Single Sign-On with SAML (Azure AD), Single Sign-On with SAML (AWS SSO), Single Sign-On with SAML (Azure AD), Using CA signed SAML Signature Certificates, Enable SAML SSO for a User, and Setup AD FS for Use with Nirmata, see Security Assertion Markup Language in DevSecOps.