Azure AD SSO - unable to generate SAML signing certificiate

According to the Azure SSO SAML instructions, Step 2, #2, I must generate a SAML Signing Certificate. But in order to that, I must complete the Entity ID and Reply URL fields in AAD > Basic SAML Configuration. But in order to get that information, I must import the certificate into the InsightVM Platform (Steps 3-4).

I’m stuck in a race condition. I can’t generate the cert in AAD without the entity ID, and I can’t get the entity ID from the platform without generating the cert.

I feel like I’m missing something obvious. Any pointers?

If I remember you had to go out of the Enterprise App then back in for the cert section to show up.
I don’t remember having any issues, but i remember someone having a similar issue with Azure SSO on another app and doing this worked even though it seemed stupid.