As per the product documentation, one of the steps to enable SSO in Operator Console is to generate the Operator Console metadata for SAML, using the following URL:
http://<operator Console_Server>/samlsso/saml/metadata
However, after following all the steps mentioned in the documentation, browsing to this URL just returns the error message:
Error : Page Not Found
The samlsso.log file shows the following:
Caused by: java.io.IOException: Keystore was tampered with, or password was incorrect
Caused by: java.security.UnrecoverableKeyException: Password verification failed
Strangely, it is possible to list the keystore content using the same password set in the <OC_installation>\probes\service\wasp\webapps\samlsso\WEB-INF\classes\samlssoConfig.properties file under the key saml.sp.keystore.password.
The following fields in samlssoConfig.properties have encrypted values:
saml.sp.keystore.password=b4CLaltD3p96EbgSHNQgxg==
saml.sp.keystore.aliasName=+c8dPNHGRQlZvsaf16MFmg==
saml.sp.keystore.aliasPassword=b4CLaltD3p96EbgSHNQgxg==
These values should not be used as displayed, for instance to set the keystore password.
The procedure to encrypt the values assigned to these keys is described in the product documentation (at the end of the page):
Encrypting the Passwords
https://techdocs.broadcom.com/us/en/ca-enterprise-software/it-operations-management/unified-infrastructure-management/20-4/installing/optional-post-installation-tasks/configure-ump-to-use-saml-single-sign-on.html
The following example (Windows OS) shows the process from creating the keystore up to the step that generates the metadata.
1. Deactivate the wasp probe in the OC robot. Create the keystore.
C:\Program Files (x86)\Nimsoft\jre\jre8u262b10\bin>keytool -genkey -keyalg rsa -alias UMP2030 -keystore ..\..\..\probes\service\wasp\webapps\samlsso\WEB-INF\classes\security\keystore.jks -storepass "RdMP4&83y@zd" -validity 365 -keysize 2048
The password (RdMP4&83y@zd) in the above line needs to be replaced with a password of your choice. Keep it in double quotes, because cmd.exe treats an unquoted & as a command separator. Don't change the alias. The encrypted form of the value UMP2030 is +c8dPNHGRQlZvsaf16MFmg== (the value of the saml.sp.keystore.aliasName key in the samlssoConfig.properties file).
2. Now get the encrypted value for the password. You need to set this value in samlssoConfig.properties. Following the example, the command line would be:
C:\Program Files (x86)\Nimsoft\jre\jre8u262b10\bin>java -jar ..\..\..\probes\service\wasp\webapps\samlsso\EncryptionUtil.jar "RdMP4&83y@zd"
EncryptedText : 6q6nbyGOwZoRX64Eg7btPg==
3. Update samlssoConfig.properties with the value obtained. Following the above example:
saml.sp.keystore.password=6q6nbyGOwZoRX64Eg7btPg==
saml.sp.keystore.aliasName=+c8dPNHGRQlZvsaf16MFmg==
saml.sp.keystore.aliasPassword=6q6nbyGOwZoRX64Eg7btPg==
Now activate the wasp probe in the OC robot.
You should now get the .xml with the metadata when you browse to
http://<Operator Console_Server>/samlsso/saml/metadata
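If the "Password verification failed" error persists, the following PowerShell check (an added example, not part of the product or its documentation) confirms that the plaintext password opens the keystore and that both password keys in samlssoConfig.properties hold its encrypted form. It assumes it is run from the JRE bin directory used above, and that EncryptionUtil.jar returns the same output for the same input, as the identical password and aliasPassword values in the example suggest.

```powershell
# Added example: consistency check for the keystore procedure above.
# Assumption: run from the JRE bin directory, so the relative paths from the article resolve.
$webapp   = '..\..\..\probes\service\wasp\webapps\samlsso'
$keystore = Join-Path $webapp 'WEB-INF\classes\security\keystore.jks'
$props    = Join-Path $webapp 'WEB-INF\classes\samlssoConfig.properties'
$alias    = 'UMP2030'   # alias from the article; its encrypted form is already in the file

# Prompt for the plaintext keystore password instead of hard-coding it in the script.
$secure = Read-Host -Prompt 'Keystore password (plaintext)' -AsSecureString
$plain  = [System.Net.NetworkCredential]::new('', $secure).Password

# 1. The plaintext password must open the keystore and the alias must exist.
& .\keytool.exe -list -keystore $keystore -storepass $plain -alias $alias | Out-Null
$keystoreOk = ($LASTEXITCODE -eq 0)

# 2. Encrypt the same password with the product utility and parse "EncryptedText : <value>".
$out = & .\java.exe -jar (Join-Path $webapp 'EncryptionUtil.jar') $plain
$encrypted = $null
foreach ($line in $out) {
    if ($line -match '^\s*EncryptedText\s*:\s*(\S+)\s*$') { $encrypted = $Matches[1] }
}

# 3. Read the properties file into a hashtable. Only the first '=' separates key and
#    value, because Base64 values end in '=' padding.
$cfg = @{}
foreach ($line in Get-Content -LiteralPath $props) {
    if ($line -match '^\s*([^#=\s][^=]*?)\s*=\s*(.*)$') { $cfg[$Matches[1]] = $Matches[2].Trim() }
}

# 4. Both password keys must hold the encrypted form of the password that opens the keystore.
$report = foreach ($key in 'saml.sp.keystore.password', 'saml.sp.keystore.aliasPassword') {
    [pscustomobject]@{
        Key     = $key
        Matches = ($null -ne $encrypted -and $cfg[$key] -ceq $encrypted)
    }
}

"Keystore opens with supplied password: $keystoreOk"
$report | Format-Table -AutoSize
```

A False in the Matches column means the file still holds a value that does not correspond to the keystore password, which produces the "Password verification failed" error shown above.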