Hi,
I noticed, if I update a SAML SP partner at more then one IDP (on the same appliance) becasue of certificate expiration time and if the partner already exists on other IDPs, using the same certificate for validation and / or encryption, then ISVA updates the certificate for the first time, but does not update the certificate configuration for the second time, on the second IDP.
Example:
before update SP:
idp1 - partner1 - validation-123
idp2 - partner1 - validation-123
after update SP:
idp1 - partner1 - validation-456
idp2 - partner1 - validation-123 (old cert)
It is clear, that ISVA does not import the certifiate, if it recognised it in KDB / P12 (rt_profile_keys) but the problem is that ISVA does not update the Partner cofiguration with the new certificate information.
Affected versions: 10.0.2.0 and 10.0.3.1 too.
Is it a normal behavior?
Thank you!
------------------------------
Sándor Lakner
------------------------------