Former Member

Signing certificate expiring frequently in SAML-based authentication, MS Azure as IDP

Hello Team,

I have a strange issue regarding the signing certificate for our SAML-based SSO, where MS Azure is our IDP.

Signing certificates keep expiring and SSO is failing. The error log shows that verification of the certificate signature failed and shows the required certificate. We checked with the IDP team, and they replied that this is normal behavior from Microsoft and that we need to check with the SP. When we checked, we found the SAP notes below.

2437217 - Error: "Signature validation with the configured primary certificate failed..."

2462389 - Renew IdP signing certificate on Service Provider on AS ABAP without downtime

2464455 - Extract IdP signing certificate from SAML 2.0 trace

But there is no permanent fix and no way to automate the certificate renewal. The IDP team asked us to check for any option regarding signing key rollover, but there is no such option on the SP side.

Can you please help with this?


1 Answer

  • Jul 25, 2017 at 08:54 AM

    Hi

    Check whether this link helps:

    https://docs.microsoft.com/en-us/azure/active-directory/active-directory-sso-certs

    Regards,

    Prithviraj


    • Former Member

      Hello Prithviraj,

      Thanks for the suggestion, but this article is about the certificate configured in our tenant and not the one related to the Microsoft access control certificate which is configured in SAP.