We are currently using Siteminder Federation in our enterprise.
What is the recommended way to renew signing certificate that is about to expire?
SSO 12.52.x
If you want to renew a certificate that is about to expire, you can update the certificate by using the "ACTION" button and then "Update Certificate" at the X509 Certificate Management section. This should suffice in updating the certificate to a new one.
However, the Adminui might report that the "Public Key" from the new certificate is not the same as the existing one.
If you were to get a new certificate with a different key, the steps to use this new certificate would be different.
1) You will need to import the new certificate with the different alias name. 2) Then deactivate the Partnership to assign this new alias name for signature verification. 3) Then activate the partnership.
KD : KB000108733