Symantec Access Management

Tech Tip : CA Single Sign-On : What is the recommended approach to renew a Federation signing certificate that is about to expire? 

Jul 31, 2018 06:40 AM

Question



We are currently using Siteminder Federation in our enterprise.

What is the recommended way to renew signing certificate that is about to expire?

 


Environment

 


SSO 12.52.x

 


Answer

 


If you want to renew a certificate that is about to expire, you can update the certificate by using the "ACTION" button and then "Update Certificate" at the X509 Certificate Management section. This should suffice in updating the certificate to a new one.

 

However, the Adminui might report that the "Public Key" from the new certificate is not the same as the existing one.

 

If you were to get a new certificate with a different key, the steps to use this new certificate would be different.

 

1) You will need to import the new certificate with the different alias name.
2) Then deactivate the Partnership to assign this new alias name for signature verification.
3) Then activate the partnership.

 

 

KD : KB000108733

Statistics
0 Favorited
0 Views
0 Files
0 Shares
0 Downloads

Related Entries and Links

No Related Resource entered.