Steps to reproduce:

The document "SAML setup with Microsoft Azure AD" describes how to configure Zabbix for Azure SAML SSO.

https://www.zabbix.com/documentation/current/en/manual/appendix/install/azure_ad
Configuration according the page does not work on system with SELINUX enabled, there is corresponding audit.log line:

type=AVC msg=audit(1729768464.449:3321): avc:  denied  { read } for  pid=51894 comm="php-fpm" name="azure.cer" dev="dm-0" ino=2071 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=0 

If SELINUX is set Permissive mode, the SSO mechanism works OK.

The cert file probably needs to be properly SELINUX tagged to be readable by php-fpm daemon. 

Expected:
Please update documentation, add the step with SELINUX configuration on the CERT file.