01-05-2022 12:56 AM
We are using SAML SSO and UCM/ldap authentication
Should we also renew the EXP-C certificates at the same time and refresh the SSO?
I have not found any documents related to this.
Software version using on exp-c and exp-e X12.6.4
We are using the same CN and SAN while generating the CSR
Solved! Go to Solution.
01-05-2022 01:25 AM
Hi,
What is your exact question?
What you wanna do and what is your problem?
--- Please rate this post as "Helpful" or accept as a solution, if your question has been answered ---
01-05-2022 04:51 AM
If you mean that you should renew the cert of the Exp MRA C node(s) at the same time as you do it for your on-prem UC systems that's a no. As long as the cert is valid on the C(s) you don't need to renew anything.
01-05-2022 10:58 AM
Hi Roger, The EXP-E and EXP-C certificate is going to expire soon, we have to generate the CSR and installing the new certs.
I just want to know, Is there any Impact on the SSO? if we install new certs
01-05-2022 11:48 AM - edited 01-05-2022 11:48 AM
If you get a new cert you will need to update the trust in the IdP.
Also why do you mark all reply, including your own, as the answer/solution to your question?
01-05-2022 12:53 PM
Thank you Roger for confirming!
Do we need to Export any SAML data post certificate upload activity?
If the private key is going to change, in that case we have to export the SAML data ?
01-06-2022 12:09 AM - edited 01-06-2022 12:11 AM
Either export the meta data, that would contain the new certificate information, or simply give the new certificate file to your manager of the IdP for them to update the trust with the new certificate information.
Again please stop marking all replies as the answer to your question. That’s the green check box that appears on the posts. This is not the intended way for how to use this function. Also please go back and change this on the previous wrongly marked posts to only have the one/once that actually answered your question marked as the answer to your question.
01-05-2022 01:25 AM
Hi,
What is your exact question?
What you wanna do and what is your problem?
--- Please rate this post as "Helpful" or accept as a solution, if your question has been answered ---
01-05-2022 04:51 AM
If you mean that you should renew the cert of the Exp MRA C node(s) at the same time as you do it for your on-prem UC systems that's a no. As long as the cert is valid on the C(s) you don't need to renew anything.
01-05-2022 10:58 AM
Hi Roger, The EXP-E and EXP-C certificate is going to expire soon, we have to generate the CSR and installing the new certs.
I just want to know, Is there any Impact on the SSO? if we install new certs
01-05-2022 11:48 AM - edited 01-05-2022 11:48 AM
If you get a new cert you will need to update the trust in the IdP.
Also why do you mark all reply, including your own, as the answer/solution to your question?
01-05-2022 12:53 PM
Thank you Roger for confirming!
Do we need to Export any SAML data post certificate upload activity?
If the private key is going to change, in that case we have to export the SAML data ?
01-06-2022 12:09 AM - edited 01-06-2022 12:11 AM
Either export the meta data, that would contain the new certificate information, or simply give the new certificate file to your manager of the IdP for them to update the trust with the new certificate information.
Again please stop marking all replies as the answer to your question. That’s the green check box that appears on the posts. This is not the intended way for how to use this function. Also please go back and change this on the previous wrongly marked posts to only have the one/once that actually answered your question marked as the answer to your question.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide