Working with a vendor to create a SAML response and I have a request to provide them with an x509 certificate (The public key of the certificate being used to sign the SAML response and all applicable cert chain(s) of the signing cert).
Originally I thought that the x509 format of the SSL key I have been using to secure my website (the SAML response will becoming from a directory of this website) was a sufficient enough key. After speaking with the third party vendor whom supplied me with the key I'm being informed that an SSL key may work but that I may need a code signing certificate instead. I'm not familiar with code signing certificates have mostly dealt with SSL keys.
In the case of creating a SAML response which key type is appropriate?