Hi Sean, I think by default the expiry period is 10s of years. To re-generate new certificates, you can backup your DB and delete from the two saml related entries in cloud.keystore table and restart the management server(s) one by one. Next, you'll need to re-register the CloudStack SAML SP metadata to your IDP server.
Regards. ________________________________ From: Sean Lair <[email protected]> Sent: Friday, September 22, 2023 20:28 To: [email protected] <[email protected]> Subject: SAML Certificates Expired Hi all, how are the SAML signing and encryption certificate renewals handled in CloudStack? We use SAML and the certs show using the API command below just expired and now SAML logins don't work. Are those supposed to auto-renew? http://acs-server:8080/client/api?command=getSPMetadata Thanks Sean
