When using OpenJDK 11, you may find that the method for creating a SAML keystore described in https://doc.igrafx.com/doc/installation-guide/post-deployment-steps/configuring-authentication/saml-authentication-adfs-okta-centrify-azure-ad#SAMLAuthentication(ADFS,Okta,Centrify,AzureAD)-SetupaSAML2keystore does not work because the key being generated is not protected by a password - trying to log in via SAML will give you an unspecified error, and the server.log file will contain the error message "java.security.UnrecoverableKeyException: requested entry requires a password".
To resolve this, delete the samlkeytsore.jks and create a new one using the command
keytool -genkey -keyalg RSA -alias %KEYALIAS% -keystore samlKeystore.jks -keypass %KEYPASS% -validity 360 -keysize 2048
This command will set the key password you specify and will prompt for a store password afterwards. These passwords then need to be added to the igrafx.properties file as described in .SAML Authentication (ADFS, Okta, Centrify, Azure AD) v17.8#.SAMLAuthentication(ADFS,Okta,Centrify,AzureAD)v17.8-SetupaSAML2keystore