F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

Jens_Deprez_133's avatar
Jens_Deprez_133
Icon for Nimbostratus rankNimbostratus
Jun 01, 2018

SAML External IDP key roll-over

Hi,   One of our external IDP connectors is implementing a new certificate for the Assertion Verification. They provided new metadata which contains two certificates, the current one and the new f...
BIG-IP Access Policy Manager (APM)
security
youssef1's avatar
youssef1
Icon for Cumulonimbus rankCumulonimbus
Jun 01, 2018

Hi jens,

 

In your side you have to use only the new one.

 

The IDP maintain both because it will allow to migrate smoothly.

 

You can create an bundle in F5, just go to (System ›› Certificate Management : Traffic Certificate Management : SSL Certificate List), then create a new cert and paste both certificate. call it bundle IDP.

 

then set this bundle in your External IDP profile.

 

Hope it's clear. keep me in touch.

 

Regards