Skip to Content

Signing certificate getting expired frequently in SAML based authentication,MS Azure as IDP

Jul 23, 2017 at 10:48 AM


avatar image
Former Member

Hello Team,

I have strange issue regarding signing certificate for our SAML based SSO where MS Azure id our IDP.

Signing certificates are keep on expiring and SSO failing.Error log shows that verification of certificate signature failed and shows the required certificate.We checked with IDP team and they updated it is normal behavior from Microsoft need to check with SP.When we checked we got below SAP notes.

2437217-Error: "Signature validation with the configured primary certificate failed..."

2462389-Renew IdP signing certificate on Service Provider on AS ABAP without downtime

2464455-Extract IdP signing certificate from SAML 2.0 trace

But there is no permanent fix or no way to automate the certificate renewal.IDP team asked to check any option regarding Signing key Rollover.But there is no such option at SP side.

Can you please help on this.

10 |10000 characters needed characters left characters exceeded
Former Member

can any one help?

* Please Login or Register to Answer, Follow or Comment.

1 Answer

Prithviraj Rajpurohit Jul 25, 2017 at 08:54 AM


Check the link if that helps?



Show 1 Share
10 |10000 characters needed characters left characters exceeded
Former Member

Hello Prithviraj,

Thanks for the suggestion but this is the article about the certificate configured in our tenant and not the one related to the microsoft access control certificate which is configured in SAP.