If the IdP certificate is signed directly by a trusted certification authority (CA) this step is not required. This step is only for instances where there is no other choice but to manually install the IdP certificate file on the CxSAST server trusted root certification authoritythe CA trust-chain is not already trusted by the CxManager.
The below should be applied for the root and all intermediate CA keys.
To manually install the trusted certificate file:
...