Update the existing SSO Certificate

Users require the secured action Configuration - Access to access this module.

If you require access, then contact your System Administrator. For information on how to add secured actions to a role, refer to Manage User Roles.

It is recommended practice to update the certificate outside of business hours to reduce disruption to users.

Step 1. Backup the existing SSO certificate

Make sure you must save a copy of the existing Identify Provider (IdP) certificate prior to making changes. The certificate cannot be recovered when overwritten.

Sign into Serraview with a Serraview account (non-SAML).
Navigate to Admin Settings > System Config > General.
Select SAML.
In the Identity Provider Certificate field, copy the existing certificate.
Open a text editor e.g. Notepad.
Paste in the existing certificate.
Save the text file with today's date to a secure location.

Step 2. Replace the SSO certificate

Copy the new certificate.
Navigate to Admin Settings > System Config > General.
Select SAML.
In the Identity Provider Certificate field, paste in the certificate.

Do not include the --BEGIN CERTIFICATE-- and --END CERTIFICATE-- when you paste in the certificate.

Ensure that the certificate contains no spaces as the certificate is one big line.

6. Click the Update button.

Troubleshooting

If you have updated the SSO certificate but it is not working.

Record the errors the update IdP certificate produces.
Create a Serraview Support ticket and send the new IdP Certificate securely via the File Upload. Make sure that you include a comment so the Support team can identify your IdP Certificate.
In the mean time you will need to 'roll-back' the changes to use the old certificate. Copy the contents of the text file created in Step 1 and paste it back into the configuration.
Confirm that this has worked by logging into Serraview using SSO.

If the 'roll-back' was not successful, then create an urgent support ticket with the Serraview Support team.