Rolling over a certificate

When you define a secondary X.509 certificate, eCase will validate the SAML Response from the IdP against both certificates and treat the SAML response as valid if it was signed by either one. This allows you to perform a seamless certificate rollover without causing downtime for your SSO users by following these steps:

  1. Generate a new certificate pair for use by your IdP.
  2. Go to the SAML Settings page. Click on the More drop-down on the eCase menu bar and select the SAML Settings link.
  3. Place a tick in the I have a secondary X.509 certificate tickbox. The Secondary IdP X.509 Certificate field appears.
  4. Export the public key and enter the details in the Secondary IdP X.509 Certificate field.
  5. Test the SAML settings by following the steps on the Test SAML Single Sign On Settings page.
  6. Save your changes by clicking on the Save button.
  7. Configure your IdP to start to use the new certificate to sign SAML responses.
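
The either-certificate rule that makes this rollover seamless can be reproduced locally with OpenSSL. This is an added example, not eCase's own code: it uses a detached signature over a constructed sample file as a stand-in for the XML signature in a real SAML response, and the names `primary`, `secondary` and `unknown` are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example: throwaway keys and constructed sample data only.
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# make_cert NAME: self-signed signing certificate and key (stand-in for an IdP pair).
make_cert() {
    openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 365 \
        -subj "/CN=$1" -keyout "$WORK/$1.key" -out "$WORK/$1.crt" 2>/dev/null
}

# sign_with NAME FILE: what the IdP does, using NAME's private key.
sign_with() {
    openssl dgst -sha256 -sign "$WORK/$1.key" -out "$2.sig" "$2"
}

# verified_by NAME FILE: succeeds only if FILE.sig checks out under NAME's certificate.
verified_by() {
    openssl x509 -in "$WORK/$1.crt" -pubkey -noout > "$WORK/$1.pub" &&
        openssl dgst -sha256 -verify "$WORK/$1.pub" \
            -signature "$2.sig" "$2" >/dev/null 2>&1
}

# accepts FILE: the either-certificate rule (primary OR secondary).
accepts() {
    verified_by primary "$1" || verified_by secondary "$1"
}

# describe NAME: expiry and SHA-256 fingerprint, worth recording before step 4.
describe() {
    openssl x509 -in "$WORK/$1.crt" -noout -enddate -fingerprint -sha256
}

make_cert primary     # certificate currently in use
make_cert secondary   # new certificate from step 1
make_cert unknown     # a key the service provider was never given
describe secondary

for signer in primary secondary unknown; do
    msg="$WORK/$signer.xml"
    printf '<Response>constructed sample, signer=%s</Response>\n' "$signer" > "$msg"
    sign_with "$signer" "$msg"
    if accepts "$msg"; then echo "$signer: accepted"; else echo "$signer: rejected"; fi
done
```

Responses signed with either configured key are accepted throughout the window between step 6 and step 7, while a signature from any other key is still rejected.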