How to replace the Alma signing certificate expiring in the near future?
- Product: Alma, Primo VE
- Product Version: any
- Relevant for Installation Type: Multi-Tenant Direct, Dedicated-Direct, Local, TotalCare
please work with your IT to update Alma and SAML IdP at the same time to avoid service interruption
1. Log into Alma
2. Go to the integration profiles section: Configuration Menu > General > External Systems > Integration Profiles
3. Open the SAML profile (with integration type as SAML)
4. Update the profile as the following:
a. In the “Alma metadata file version” dropdown menu, select the “Version 20nn …” certificate or “Signed certificate … 20nn”.
b. Click “Save” button (top right) to save the changes
5. Update the profile as the following:
a. In the “Alma metadata file version” dropdown menu, select the “Version 20nn …” certificate or “Signed certificate … 20nn”.
b. Click “Save” button (top right) to save the changes
6. Send the following metadata file link(s) to your IdP administrator:
20nn self signed:
https://<ALMA_BASE_URL>/view/saml/metadata?VERSION=VERSION_20nn_NEW
https://<PRIMO_VE_BASE_URL>/view/saml/metadata?VERSION=VERSION_20nn_NEW
OR 20nn DigiCert:
https://<ALMA_BASE_URL>/view/saml/metadata?VERSION=SIGNED_20nn
https://<PRIMO_VE_BASE_URL>/view/saml/metadata?VERSION=SIGNED_20nn
(If you have Primo VE, a second link with the PRIMO_VE_BASE_URL needs to be sent as well)
7. The IdP administrator uses the new certificate information in the metadata file(s) to update the related IdP relying party trust
- Article last edited: 15-AUG-2023