Post SSL certificate upgrade - metadata still gives the old certificate
We are using the external CA signed certificate for signing and encryption. Its going to expire in some days. So i have created a new CSR and get it signed and added those in trusted roots and assigned it for the IDP and AG devices.
I have replaced the SSL certificate as well. Still my metadata is pointing to the older certificate only.
Any thoughts ?
In NAM appliance Metadata certificates should get replaced when updating ssl (https) certificate for IDP cluster
In application you have to add it to the IDP keystores for signing and encryption to get the metadata updated
Try to replace default singing and encryption certificates with your new certificate using the same alias
in IDP-->General--> security-->keystors, pick the signing and encryption keystores
NAM appliance has single keystore unlike NAM Service deployement. To change the certificate, you need to replace from AG cluster -> Reverse proxy. Select the certificate and it will be applicable to IDP as well.
In NAM appliance, IDP is behind ag so this single certificate will work. Hope this helps!
Hello! You got 2 responses which hopefully provide you with all information you need in order to resolve your issues.
If you got a solution, please accept the answers as solution to your question. Your fellow community members will appreciate it when having similar issues! thank you!