I am glad you found my article useful. Dealing with certificates is always cumbersome. Your suggestion for the metadata change is an excellent one. But as you note, it should only be used for test systems.
Also, if you are new to NAM and just doing testing you may want to use my other Cool Solution that will show you how to build a test NAM system from scratch which I wrote using the same step-by-step illustrated format as this Cool Solution. The focus of that article is how to build a single server SSL VPN appliance using NAM, but it can also act as your federation server for this Cool Solution. It can be found at the following link:
Novell Access Manager 3.1 SSL VPN Appliance
Because the Access Gateway is deployable as a soft-appliance, one can easily be added to your NAM system for SSO to non-federated applications.