From fee0d8b5a43a9683f38585ee1b204e2799ac4eab Mon Sep 17 00:00:00 2001
From: Sarah Sanders <sarah.sanders@docker.com>
Date: Fri, 7 Mar 2025 11:26:05 -0500
Subject: [PATCH] sso: add callout to certificate instructions (#22193)

## Description
- Good callout that we should clarify that copy/pasting the certificate
values includes the `----BEGIN CERTIFICATE---` and `----END
CERTIFICATE----` lines. This applies to both Okta and Entra examples, as
confirmed in my test org
- I will pass on to IAM about adding placeholder text, I think would be
more valuable than an example in docs

## Related issues or tickets
https://github.com/docker/docs/issues/22176#event-16632900876

## Reviews
- [ ] Editorial review
---
 .../security/for-admins/single-sign-on/connect.md  | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/content/manuals/security/for-admins/single-sign-on/connect.md b/content/manuals/security/for-admins/single-sign-on/connect.md
index 9bf31c2993..188e51fe70 100644
--- a/content/manuals/security/for-admins/single-sign-on/connect.md
+++ b/content/manuals/security/for-admins/single-sign-on/connect.md
@@ -144,6 +144,12 @@ After creating your connection in Docker and your IdP, you can cross-connect the
 2. Copy the following values from the Okta SAML setup instruction page:
     - **SAML Sign-in URL**
     - **x509 Certificate**
+
+        > [!IMPORTANT]
+        >
+        > You must copy the entire contents of your **x509 Certificate**,
+        including the `----BEGIN CERTIFICATE----` and `----END CERTIFICATE----` lines.
+
 3. Open Docker Hub or the Admin Console. Your SSO configuration page should still be open from Step one of this guide.
 4. Select **Next** to open the **Update single-sign on connection** page.
 5. Paste your Okta **SAML Sign-in URL** and **x509 Certificate** values in Docker.
@@ -158,7 +164,13 @@ After creating your connection in Docker and your IdP, you can cross-connect the
 2. Open your downloaded **Certificate (Base64)** in a text editor.
 3. Copy the following values:
     - From Azure AD: **Login URL**
-    - Copy your the contents of your **Certificate (Base64)** file from your text editor
+    - Copy the contents of your **Certificate (Base64)** file from your text editor
+
+        > [!IMPORTANT]
+        >
+        > You must copy the entire contents of your **Certificate (base64)**,
+        including the `----BEGIN CERTIFICATE----` and `----END CERTIFICATE----` lines.
+
 4. Open Docker Hub or the Admin Console. Your SSO configuration page should still be open from Step one of this guide.
 5. Paste your **Login URL** and **Certificate (Base64)** values in Docker.
 6. Select **Next**.