Forum Discussion

Nimbostratus

Jun 01, 2018

SAML External IDP key roll-over

Hi, One of our external IDP connectors is implementing a new certificate for the Assertion Verification. They provided new metadata which contains two certificates, the current one and the new f...

BIG-IP Access Policy Manager (APM)

security

youssef1

Cumulonimbus

Jun 01, 2018

Hi jens,

In your side you have to use only the new one.

The IDP maintain both because it will allow to migrate smoothly.

You can create an bundle in F5, just go to (System ›› Certificate Management : Traffic Certificate Management : SSL Certificate List), then create a new cert and paste both certificate. call it bundle IDP.

then set this bundle in your External IDP profile.

Hope it's clear. keep me in touch.

Regards

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

SAML External IDP key roll-over

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

iRule causing requests to be duplicated (sometimes)

SSL Bridging and FQDN rewrite Policy

How can I get started with iCall

After upgrading from PeopleTools 8.59.11 to 8.61.11 F5 APM is not rewriting the internal URLs

Could not communicate with the system. Try to reload page.

Related Content

External Monitor Information and Templates

TACACS+ External Monitor (Python)

CSV to Address External Datagroup File

SAML - LTM in front of SP

snmp-check external monitor

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS