In NetIQ Access Manager, the certificate update for a SAML2 trusted provider is very manual and cumbersome.
Every year, our operation team needs to update the signing certificates of all the SAML2 identity providers. From the admin console,
the only way to do that is to import the metadata with the new signing certificate.
Sometimes partners only send the renewed certificate, and we have to either request new metadata or retrieve it from our copy
and update the metadata. It is very inefficient.
Compared with other SAML2 implementations, most products provide a GUI to automatically update or replace the certificate directly.
Please enhance the manage metadata feature in 5.0:
1. able to import metadata from file.
2. able to update certificate of metadata file in GUI
3. automatically refresh metadata and certificate from metadata URL.
This solution talks about updating metadata from a file and automating it.
Additional changes to automated metadata refresh and signing certificates are planned in NAM 5.0 SP2.
Please do check if the suggested solution helps you.
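
For the case raised in the request, where a partner sends only the renewed certificate and the saved metadata copy has to be updated by hand, the following is an added example and not part of this thread or of NetIQ's suggested solution. It swaps only the `use="signing"` certificate under `IDPSSODescriptor`; the function names and the sample entity ID are assumptions, and the sample certificates are constructed placeholder bytes.

```python
import base64, hashlib, re
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
for _p, _u in NS.items():
    ET.register_namespace(_p, _u)

def pem_to_b64(pem):
    """Extract and validate the base64 body of one PEM certificate."""
    m = re.search(r"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", pem, re.S)
    if not m:
        raise ValueError("no PEM certificate block found")
    body = "".join(m.group(1).split())
    base64.b64decode(body, validate=True)  # raises on corrupt input
    return body

def replace_signing_cert(metadata_xml, pem):
    """Return (updated_xml, sha256_hex_of_new_cert, signature_dropped)."""
    new_b64 = pem_to_b64(pem)
    root = ET.fromstring(metadata_xml)
    # An enveloped metadata signature cannot verify after the edit, so drop it.
    sigs = root.findall("ds:Signature", NS)
    for sig in sigs:
        root.remove(sig)
    replaced = 0
    for kd in root.findall(".//md:IDPSSODescriptor/md:KeyDescriptor", NS):
        if kd.get("use") != "signing":  # leave encryption and unspecified-use keys alone
            continue
        for cert in kd.findall(".//ds:X509Certificate", NS):
            cert.text = new_b64
            replaced += 1
    if replaced == 0:
        raise ValueError('no KeyDescriptor use="signing" under IDPSSODescriptor')
    fingerprint = hashlib.sha256(base64.b64decode(new_b64)).hexdigest()
    return ET.tostring(root, encoding="unicode"), fingerprint, bool(sigs)

# Constructed sample input: placeholder bytes stand in for real DER certificates.
OLD_B64 = base64.b64encode(b"constructed-old-cert").decode()
NEW_PEM = "-----BEGIN CERTIFICATE-----\n%s\n-----END CERTIFICATE-----\n" % base64.b64encode(b"constructed-new-cert").decode()
SAMPLE_METADATA = f"""<md:EntityDescriptor xmlns:md="{NS['md']}" xmlns:ds="{NS['ds']}"
    entityID="https://idp.example.org/saml">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>{OLD_B64}</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:KeyDescriptor use="encryption"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>{OLD_B64}</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""
```

Calling `replace_signing_cert(SAMPLE_METADATA, NEW_PEM)` returns the updated XML ready for import plus the SHA-256 fingerprint of the new certificate. Because a hand-edited file no longer carries the partner's metadata signature, that fingerprint is the value to confirm with the partner before importing.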