View Source

Log in to the DualShield Admin Console

Go to Administration>Tasks

Look for the Replace IDP Certificate Task. You will notice that there are two tasks...

DualShield MFA Platform > Updating the SSO IDP Signing Certificate > Replace_IDP1.png

They both do a similar job, however, the Replace IDP Certificate for single SSO Server only applies in the case where a user has multiple frontend SSO servers, and the different servers are being used as the IDP for different Service Providers. If you just have an all-in-one setup, where the backend also acts as the frontend, you can just run the Replace IDP Certificate task.

Click Run from the context menu on the task you wish to use

DualShield MFA Platform > Updating the SSO IDP Signing Certificate > Replace_IDP2.png

Replace the default values with the path and certificate name, plus password....

DualShield MFA Platform > Updating the SSO IDP Signing Certificate > Replace_IDP3.png

The task parameters for single SSO Server only is almost identical, however, you will see the additional SSO Server Name: field at the bottom, where you can specify the name of just one of your SSO servers

DualShield MFA Platform > Updating the SSO IDP Signing Certificate > Replace_IDP4.png

Click on Run

Click on the Instances tab at the top and check that the task had completed without errors..

DualShield MFA Platform > Updating the SSO IDP Signing Certificate > Replace_IDP5.png

Go to SSO>SSO Servers and View

You will see that the certificate has successfully updated..

DualShield MFA Platform > Updating the SSO IDP Signing Certificate > Replace_IDP7.png

Please restart the DualShield Server Service on the corresponding server that you have applied the certificate update to, to make it effective.