/
Migration of Service Provider X.509 Certificate

Migration of Service Provider X.509 Certificate

The X.509 certificate in the app is used to improve security in the SAML Single Sign-On process. The X.509 certificate is configured in the Identity Provider for signing and encryption. In the app, option to Sign SAML Request (sent from service provider to your Identity Provider) can be turned on. In your Identity Provider, you can choose to encrypt the Assertion in the SAML Response (sent from your Identity Provider to service provider).

How to migrate the certificate?

The X.509 certificate is saved with the Identity Provider. So, the certificate needs to be migrated in the SSO app as well as the Identity Provider at the same time.

  1. Schedule downtime

  2. Verify functioning SSO

  3. Go to Backup/Restore Configurations tab and download the App configuration file for backup

  4. Go to the Certificates tab and click on Generate New Certificates. Enter relevant details and generate new certificates.

  5. Go to Service Provider Info and from the table, against Certificate click on the Download button.

  6. Configure this certificate in the Identity Provider.

  7. Confirm correct certificate migration using Test Configuration (Configure IDP tab, next to Save). You should see a success message. If you get a certificate mismatch error, follow steps 4 to 6 again.

  8. Open a new browser to test SSO

Related content

SAML SSO Troubleshooting
SAML SSO Troubleshooting
More like this
User Directory Information
User Directory Information
Read with this
Confluence SAML Server SSO App Technology Stack
Confluence SAML Server SSO App Technology Stack
More like this
How to Capture SAML Tracer logs ?
How to Capture SAML Tracer logs ?
More like this
SAML - Info On settings which got migrated
SAML - Info On settings which got migrated
More like this
How do users choose IDP when using multiple IDPs?
How do users choose IDP when using multiple IDPs?
More like this

@ Copyright 2019 miniOrange. All Rights Reserved.