Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1342
Views
30
Helpful
6
Replies

Is there any impact on SSO?

Go to solution
Rob bakshi
Level 1
Level 1

‎01-05-2022 12:56 AM

Do we need some information about deploying Expressway Certificates and the impact on SSO?
We reviewed with our IDP team and it is our understanding that the SAML SP certs are not dependent on the exp-e certificates but are dependent on the exp-C certificates.

We are using SAML SSO and UCM/ldap authentication
Should we also renew the EXP-C certificates at the same time and refresh the SSO?

 

I have not found any documents related to this.

Software version using on exp-c and exp-e  X12.6.4

 

We are using the same CN and SAN while generating the CSR

Labels:
6 Accepted Solutions

Accepted Solutions

Go to solution
b.winter
VIP
VIP

‎01-05-2022 01:25 AM

Hi,

 

What is your exact question?

What you wanna do and what is your problem?

 

--- Please rate this post as "Helpful" or accept as a solution, if your question has been answered ---

 

View solution in original post

Go to solution
Roger Kallberg
VIP
VIP

‎01-05-2022 04:51 AM

If you mean that you should renew the cert of the Exp MRA C node(s) at the same time as you do it for your on-prem UC systems that's a no. As long as the cert is valid on the C(s) you don't need to renew anything.



Response Signature


View solution in original post

Go to solution
Rob bakshi
Level 1
Level 1
In response to Roger Kallberg

‎01-05-2022 10:58 AM

Hi Roger, The EXP-E and EXP-C certificate is going to expire soon, we have to generate the CSR and installing the new certs. 

 

I just want to know, Is there any Impact on the SSO? if we install new certs

View solution in original post

0 Helpful

Go to solution
Roger Kallberg
VIP
VIP
In response to Rob bakshi

‎01-05-2022 11:48 AM - edited ‎01-05-2022 11:48 AM

If you get a new cert you will need to update the trust in the IdP.

Also why do you mark all reply, including your own, as the answer/solution to your question?



Response Signature


View solution in original post

Go to solution
Rob bakshi
Level 1
Level 1

‎01-05-2022 12:53 PM

Thank you Roger for confirming! 

 

Do we need to Export any SAML data post certificate upload activity? 

 

If the private key is going to change, in that case we have to export the SAML data ?

View solution in original post

0 Helpful

Go to solution
Roger Kallberg
VIP
VIP
In response to Rob bakshi

‎01-06-2022 12:09 AM - edited ‎01-06-2022 12:11 AM

Either export the meta data, that would contain the new certificate information, or simply give the new certificate file to your manager of the IdP for them to update the trust with the new certificate information.

Again please stop marking all replies as the answer to your question. That’s the green check box that appears on the posts. This is not the intended way for how to use this function. Also please go back and change this on the previous wrongly marked posts to only have the one/once that actually answered your question marked as the answer to your question.

39D346EA-A18C-48D3-A6A4-C459AC07B139.jpeg



Response Signature


View solution in original post

6 Replies 6

Go to solution
b.winter
VIP
VIP

‎01-05-2022 01:25 AM

Hi,

 

What is your exact question?

What you wanna do and what is your problem?

 

--- Please rate this post as "Helpful" or accept as a solution, if your question has been answered ---

 

Go to solution
Roger Kallberg
VIP
VIP

‎01-05-2022 04:51 AM

If you mean that you should renew the cert of the Exp MRA C node(s) at the same time as you do it for your on-prem UC systems that's a no. As long as the cert is valid on the C(s) you don't need to renew anything.



Response Signature


Go to solution
Rob bakshi
Level 1
Level 1
In response to Roger Kallberg

‎01-05-2022 10:58 AM

Hi Roger, The EXP-E and EXP-C certificate is going to expire soon, we have to generate the CSR and installing the new certs. 

 

I just want to know, Is there any Impact on the SSO? if we install new certs

0 Helpful

Go to solution
Roger Kallberg
VIP
VIP
In response to Rob bakshi

‎01-05-2022 11:48 AM - edited ‎01-05-2022 11:48 AM

If you get a new cert you will need to update the trust in the IdP.

Also why do you mark all reply, including your own, as the answer/solution to your question?



Response Signature


Go to solution
Rob bakshi
Level 1
Level 1

‎01-05-2022 12:53 PM

Thank you Roger for confirming! 

 

Do we need to Export any SAML data post certificate upload activity? 

 

If the private key is going to change, in that case we have to export the SAML data ?

0 Helpful

Go to solution
Roger Kallberg
VIP
VIP
In response to Rob bakshi

‎01-06-2022 12:09 AM - edited ‎01-06-2022 12:11 AM

Either export the meta data, that would contain the new certificate information, or simply give the new certificate file to your manager of the IdP for them to update the trust with the new certificate information.

Again please stop marking all replies as the answer to your question. That’s the green check box that appears on the posts. This is not the intended way for how to use this function. Also please go back and change this on the previous wrongly marked posts to only have the one/once that actually answered your question marked as the answer to your question.

39D346EA-A18C-48D3-A6A4-C459AC07B139.jpeg



Response Signature


Customers Also Viewed These Support Documents