How to Manually Rotate Your SAML Certificate in the TextExpander SSO Admin Portal
Many Identity Providers (IdPs) provide .cer files (certificate files) to facilitate SAML (Security Assertion Markup Language) authentication and other secure authentication methods. The .cer file is typically a public certificate file used to establish trust between the IdP and the Service Provider (SP) by signing SAML assertions.
To update your certificate information, you have the option to update the entire IdP XML metadata or just the certificate section. If you have received a new .cer file, follow these steps to update the IdP metadata in the TextExpander SSO Admin Portal.
1. Convert the Certificate File: If your .cer file is not already in base64 encoded format, convert it first. You can use a tool or script to convert the certificate to a base64 string.
2. Access the IdP Metadata Field: Log in to the TextExpander SSO Admin Portal and navigate to the field labeled ‘IdP Metadata’, which is editable.
3. Backup Your Current Metadata: Before making changes, save a copy of the current XML metadata. Copy and paste it into a temporary plain text file until you’ve confirmed that your new certificate is working. This allows you to revert to the original settings if any issues arise after updating.
4. Update the Certificate Section: You have two options: You can update the entire XML metadata file that includes the new certificate or replace only the certificate portion.
Option A: Replace the Full Metadata
Get the latest metadata XML from your IdP and confirm it includes this line at the very top:
<?xml version="1.0" encoding="UTF-8"?>
Replace all the contents of the IdP Metadata field with the new XML.
Option B: Replace Only the Certificate
Inside the existing metadata, locate the <ds:X509Certificate> section:<ds:X509Certificate>...</ds:X509Certificate>
Replace the content between the opening and closing tags with your new base64 string.
Ensure Accuracy: Double-check all details for accuracy before saving. Incorrect information can lead to authentication issues and disrupt access to the web application.
Save and Test: Save the changes and test the configuration to ensure everything works as expected. Verify that the authentication process operates smoothly with the new certificate.