Change SSL certificate for Service with SAML
Hi,
we have an F5 setup in place, where an external portal (VMware) connects the users through F5 via SAML SSO.
The F5 is acting as SAML SP, so it receives a SAML token and authenticates the user via SSO to the service that he clicked on in the VMware portal.
Initially, one step of setting up this was to create a SP under "Access ›› Federation : SAML Service Provider : Local SP Services" for each service. Under security settings, I checked the "Sign Authentication Request" and used the certificate and key of this service. Then I exported the metadata, which was imported on the other side, so that SAML is spoken properly between F5 and VMware.
Now we need to replace the certificates of the services.
My question is now: If I replace the certificate in the SSL-profile, I need to replace it in the Security Settings too. If I do so, do I need to export the Metadata file again, and import it on VMware side, or is this step not not necessary?