After renewing IDM certificate SAML doesn't work

Hi everybody,

After following the procedure for renewing IDM certificate our SAML with ADFS doesn't work - user is redirected to ADFS but there is no prompt for username and password. Fortunately using the old spring_saml_metadata.xml file is possible and users are working. Has anyone completed the IDM certificate renewal procedure?

I have noticed that in the old (and good one) spring_saml_metadata the CNof the certificate is SMAXIDM and in the new (and bad one) this is LOCALHOST. But in the procedure it is not explained what it should be.

And what do you think what will happen when the IDM certificate will expire?

 

In IDM logs there are some related messages which I cannot understand:

...

2020-08-14T14:15:00.122 0200 ERROR [http-nio-8080-exec-2] com.hp.ccue.identity.spring.preauth.PreAuthFilter - Incoming HTTP request has invalid X-Auth-Token header. Aborting pre auth processing. URL: /idm-service/api/scim/organizations/902370360_db/users, The token has expired

...

2020-08-14T14:15:02.935 0200 INFO [https-jsse-nio-8443-exec-5] org.springframework.security.saml.log.SAMLDefaultLogger - AuthNRequest;SUCCESS;172.16.98.96;https://....../idm-service/saml/metadata;http://......./adfs/services/trust;;;

Regards, Darek