Manually Extract SAML Signing Certificate using Chrome

Modified on Wed, 11 Mar at 6:15 AM

If your Azure AD SAML certificate has expired, please use the following procedure to extract the new signing certificate being used by Microsoft.

  1. Go to the web application you're using Azure AD for, e.g. https://sandbox68-portal-sql2012-v67.synergetic.net.au/, enter a username and then proceed to the password screen.
  2. Hit F12 to open the Developer Console, click on the Network tab, ensure it is recording and tick Preserve Log.
  3. Enter the password and hit Login.
  4. Trawl the log to find a 302 Redirect to login.aspx.
  5. Scroll down the Headers tab to find the actual Form data and SAMLResponse:
  6. Copy the entire SAML Response and go to https://www.samltool.com/decode.php
  7. Paste it into the Deflated and Encoded XML textbox and click Decode and Inflate XML.
  8. Now copy the decoded XML into Notepad.
  9. Locate the X509Certificate key and copy the value into a new file, e.g. Azure.crt
  10. There you have your new Certificate for use with Azure AD environments.
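
Steps 6 to 9 can also be done locally, so the SAMLResponse does not have to be pasted into a third-party site. The following is an added example, not part of the original article; the function names are illustrative and the sample response is constructed with placeholder bytes in place of a real certificate.

```python
import base64, hashlib, textwrap, zlib
import xml.etree.ElementTree as ET
from urllib.parse import unquote

DS = "{http://www.w3.org/2000/09/xmldsig#}"   # XML Signature namespace

def decode_saml_response(value):
    """Return the XML bytes of a SAMLResponse form value."""
    if "%" in value:                      # copied from the URL-encoded view
        value = unquote(value)
    raw = base64.b64decode("".join(value.split()))
    if raw.lstrip().startswith(b"<"):     # HTTP-POST binding: Base64 only
        return raw
    return zlib.decompress(raw, -15)      # otherwise raw DEFLATE inside Base64

def extract_signing_certs(value):
    """Return [{'pem', 'sha256'}] for each distinct X509Certificate found."""
    root = ET.fromstring(decode_saml_response(value))
    seen, certs = set(), []
    for node in root.iter(DS + "X509Certificate"):
        b64 = "".join((node.text or "").split())
        fp = hashlib.sha256(base64.b64decode(b64)).hexdigest()
        if fp in seen:                    # same cert often signs Response and Assertion
            continue
        seen.add(fp)
        pem = "\n".join(["-----BEGIN CERTIFICATE-----",
                         *textwrap.wrap(b64, 64),
                         "-----END CERTIFICATE-----", ""])
        certs.append({"pem": pem, "sha256": fp})
    return certs

# Constructed sample: placeholder bytes stand in for the DER certificate.
FAKE_DER = b"constructed placeholder, not a real certificate " * 4

def constructed_sample(deflate=False):
    sig = ('<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:KeyInfo>'
           '<ds:X509Data><ds:X509Certificate>' + base64.b64encode(FAKE_DER).decode()
           + '</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>')
    xml = ('<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">'
           + 2 * sig + '</samlp:Response>').encode()
    if deflate:
        c = zlib.compressobj(wbits=-15)
        xml = c.compress(xml) + c.flush()
    return base64.b64encode(xml).decode()

if __name__ == "__main__":
    for cert in extract_signing_certs(constructed_sample()):
        print(cert["sha256"])
        print(cert["pem"], end="")        # write this text to Azure.crt
```

Compare the printed SHA-256 fingerprint with the certificate published by your identity provider before installing the file.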
