Not sure if this is still applicable to you but…..
If you have set up Salesforce as an IdP, you want to get the ‘Metadata file’ (there is a button for it. Included in this file is the security certificate that was generated. Place this file in a location that is publicly accessible via the internet (I put it in my word press directory). Then put the URL of this file in the ‘URL to IdP Metadata ‘ text box and press the ‘Get Metadata’ button. It will populate the Identity Provider settings for you appropriately.
Then all you have to do is set up the Service provider settings. DO NOT make the mistake of uploading the certificate on the Service Provider tab. It is best to just generate one by checking that option. The Security Certificate is not really needed that is generated here, but it can optionally be uploaded when you set up the Service Provider (Connected App), on the Salesforce side. The benefit is if you upload the certificate on the connected app side of the configuration in Salesforce, Salesforce will only respond to requests from the service provider that has signed their requests with that certificate (i.e. – your wordpress blog).
Hope this helps.
