Our SAML IDP Signing certificate is about to expire. We are running Siteminder 12.51, and are wondering if anyone has any experience updating this certificate when it is in use by pretty much every IDP->SP partnership we have. Question I have:
1. I have requested a new CSR based on the existing certificate, and plan to click "update certificate" when the signed public key is returned. Will it be possible to update this certificate while it is in use by all of the partnerships?
2. If #1 does not work, has anyone done this a different way? I would really like to avoid having to Deactivate-->Change signing keys-->re-active each partnership where this is assigned as the signing certificate.
Of course, any other insights anyone could provide would be much appreciated.
Thanks!
Dave