Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.

Renew SSO certificate in SAviynt

Sakshi2806
New Contributor III
New Contributor III

Hi All,

We are trying to renew our SSO certificate 

Steps we followed-

1. Clicked on edit , generated a new certificate marked it active and then downloaded metadata xml file

Sakshi2806_0-1716472475259.png

Sakshi2806_1-1716472575085.png

Sakshi2806_2-1716472670868.png

once done we are trying to upload the same file in Single sign on configuration

Sakshi2806_3-1716472923865.png

the issue is the certificate still shows the same expiration date while we have ensured the new certificate is getting generated . 

Can anybody help find the root cause for this

Thanks

Sakshi

[This message has been edited by moderator to mask email address]

4 REPLIES 4

Saathvik
All-Star
All-Star

@Sakshi2806 : When you got the new IdP XML file downloaded do you see the certificate is reflecting to new one? I assume it is still reflecting to old certificate


Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.

Sakshi2806
New Contributor III
New Contributor III

When we generated a certificate. We tried to compare the keys as it was updated and different from current xml we tried to upload it in Saviynt but still it was showing the same expiration date.

I guess it was reflecting to old certificate but not sure what else could have been done. We already tried new session. The only thing that resolved it was completely deleting the old certificate and then generating a new,

rushikeshvartak
All-Star
All-Star

It sounds like you've correctly generated and activated a new certificate for your Single Sign-On (SSO) configuration, but the system is still displaying the old expiration date. Here are a few potential causes and steps to troubleshoot this issue:

  1. Cache Issue: Sometimes, browsers or the application itself might cache old data.

    • Solution: Clear your browser cache and cookies, and then reload the page to see if the new certificate details appear correctly.
  2. Metadata Upload: Ensure that the new metadata file is correctly uploaded to the SSO configuration.

    • Solution: Double-check that you uploaded the correct metadata XML file and that the upload process completed successfully without any errors.
  3. Certificate Propagation: In some systems, it might take some time for the new certificate to propagate through all parts of the system.

    • Solution: Wait for a few minutes and then check again. If the issue persists, consider restarting the relevant services or application.
  4. Configuration Settings: Verify that the new certificate has been set as active in all required places within the SSO configuration settings.

    • Solution: Go back to the SSO configuration settings and confirm that the new certificate is marked as active everywhere it should be.
  5. Logs and Error Messages: Check the logs for any error messages that might provide more details about why the new certificate is not being recognized.

    • Solution: Review the system logs for any warnings or errors related to the certificate update process.
  6. System Synchronization: Ensure that the systems involved in the SSO process are properly synchronized.

    • Solution: If you are using multiple servers or services, make sure all of them have the updated certificate and are in sync with each other.

If none of these solutions resolve the issue, it might be helpful to share more details or screenshots of the configuration process and any error messages you are encountering.


Regards,
Rushikesh Vartak
If you find this response useful, kindly consider selecting 'Accept As Solution' and clicking on the 'Kudos' button.

Thanks Rushikesh,

In our case metadata xml file had issue. We had to completely delete the old instancce and then we tried to generate the new It eventually resolved the issue.

Thanks 

Sakshi