SP cert which has been configured for verification and encryption on IDP partnership is going to expire soon.
I thought of just renaming the alias of new certificate to the old name would suffice this requirement, however I am running into issue with this approach. This is what I tried:
I am able to rename the cert alias using smkeytool utility - rename the old cert alias to some dummy name and give the old cert alias name to the new cert - This has updated the cert properly and I am able to see the same(old) cert alias in all the partnerships.
However I am still able to see in the SAML response that attribute encryption is signed with the old cert still. I did try restarting SPS and Policy server, but still no luck.
Any suggestions ?