"New keys" in saml security configuration should generate a certificate
All LLNG installs that I have done so far required to convert the generated SAML public key into a certificate because some SP expected a certificate and could not handle a public key.
We should generate a certificate by default. Any objections?