04-18-2018 07:13 AM - edited 03-19-2019 01:17 PM
My CUCM lab server running 11.5.1.12900-21 on UCS c240 chassis had an expired tomcat and tomcat-trust certificate.
I rotated the expired certificates as part of the process Restarted tomcat service and the cisco TFTP service as suggested
but the prompt also suggested me to disable and re-enable the SAML SSO.
I disabled the SAML SSO and when i had to download the "Export All metadata" file to provide it to the people who manage idp side of things. the "Export All metadata" wouldnt download anything, the button is unresponsive
I thought this was some browser issue but was surprised to see the issue was still on when i tried the access across mutiple browser / computers and even after a server reboot. clearing browser cache, allow popups etc
has anyone faced this situation ? if so would you be able to share the resolution ?
I could not find any ways online to download the "Export All metadata" from the CLI
03-08-2021 02:56 PM
How did you resolve this issue?
03-08-2021 11:07 PM - edited 03-09-2021 09:01 AM
Not an answer to the problem as such, but the information in documentation about that SSO needs to be turned off when the Tomcat certificate is renewed is inaccurate.
What is needed is to send or use the new Tomcat certificate information to update the trust in the IdP. This would get the new certificate information from the renewed Tomcat certificate into the trust on the IdP.
03-09-2021 07:16 AM
HI,
Thanks for the feedback. I agree the step is important and required. I was able to complete the export last night. I tried several web browsers and a dedicated server for system access all of these failed to produce the file export. On my 3rd attempt using Microsoft Edge browser the window allowing me to download the export finally showed up. I did not change any thing on my systems, popups were not blocked, etc.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide